Issues with Outlook when working outside corporate network with Zapp

Hello,

Since few weeks now, we are struggling, that some users have problems with Outlook (mainly, but sometimes Skype4 Business or Office account is affected). Problems occurring only when users are outisde office so when Zapp is started to work. Off trusted networks we have tunnel with local proxy, since in on trusted network we have proxy enforced.For other, we have route based tunnel driver type, disable loopback restriction enabled, override wpad enabled and restartwinhttp disabled. As Zapp we are using normally 1.5.1.8. In addition we have ModernAuthentication and MFA enforced. Policy for MFA is that Zscaler node ip are trusted, so when user is connecting from it, he will NOT be challanged for MFA. In Azure logs, I have noticed that for this affected users, traffic from Outlook is skipping proxy settings, so in logs it is visible that thay are login from outside IP. But for whatever reason window for MFA does not appear. Outlook or is not able to connect or displays message needs password. In Azure logs it is visible that user did not pass MFA challenge. I also notice that often or affected laptops Edge or Office has issues described here https://docs.microsoft.com/en-us/office365/troubleshoot/authentication/connection-issue-when-sign-in-office-2016, and in Windows event logs (Applications and Services logs\Microsoft\Windows\AAD\Operational) there are hundreds of errors 1908
"Error: 0xCAA70004 The server or proxy was not found.
Exception of type ‘class HttpException’ at xmlhttpwebrequest.cpp, line: 171, method: XMLHTTPWebRequest::ReceiveResponse.
Log: 0xcaa10083 Exception in WinRT wrapper.
Logged at authorizationclient.cpp, line: 224, method: ADALRT::AuthorizationClient::AcquireToken.
Request: authority: https://login.microsoftonline.com/common, client: {268761a2-03f3-40df-8a8b-c3db24145b6b}, redirect URI: ms-appx-web://Microsoft.AAD.BrokerPlugin/S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157 "

When Zapp is removed or disabled, all is back to normal. User has windows to enter MFA code, Outlook is able to connect to Exchange online.

I thought, that issue maybe coused by Zapp 1.5.18, what quite often is in status “Connecting”, but even I did update for App 2.1, and it is connecting normally, issue is still there.

Unfortunately issue is more and more problematic, as since lot of people are working from home nowadays, we have lot of complains. We have ticket 02328163 opened, but for now no clear solution.

Sorry for so long post, and maybe not written good enough, but if something is not clear please let me know.

Using ZScaler last 1 week … When in Outlook … noted that keyboard keys changed specifically ["] and [@] swap … others have reported spell checker disabled … trying to understand if this is isolated case or general.