We’re running into a weird issue and are seeking assistance to find a solution. We have users who are running into issues accessing SSO resources that are Microsoft SSO and externally hosted, they also are using this newer model white Verizon router that uses a Self Organized Network feature. SON steers the laptop into whatever best supported combination of radio 2.4/5, channel, and 802.11x protocol works best for it at a given moment based on what it supports and other utilizations, distances from AP, etc. Our findings are as follows:
Verizon + MS Auth + Zscaler = doesn’t work
Verizon + MS Auth + ZCC/ZIA turned off = Works
Verizon + Zscaler + Any other website = Works
Verizon (NO SON feature) + Zscaler + MS Auth = Works
Zscaler + MS Auth + OTHER ISPs = Works
We’ve reinstalled ZCC, we’ve replaced laptops, we’ve piloted ZDX and the only events seem to be the Wi-Fi is changing radios. Any help or advise would be greatly appreciated. We have a workaround of enabling a user’s guest SSID on their Verizon Router (Guest network is 2.4 ghz and doesn’t use SON) and that works, but we don’t want to have to advise a ton of people in our organization to be messing with their home routers. If anybody else has seen anything like this and found a solution please let me know!
