SQL Server Named Instances via ZPA

Has anyone run into issues with connecting to named MSSQL instances as opposed to default instances with ZPA and identified how to get it working?

Scenario would be when DBAs try to connect like

MSSQLSERVER\namedinstance1

I suspect this is related to how the SQL Server Browser Service functions with returning dynamic ports as opposed to a static port such as 1434. Since the client initiatives the traffic to tcp/1434 and within the tcp session the client receives which ephemeral port to use it should work but I am unsure if I am missing something else.

Are you sure the client receives the port in the same communication and doesn’t receive it in a server initiated connection?

I am not familiar enough on the specific ask but I’ve seen the situation I mentioned above with SQL 2003 clusters where the client initiated the connection and then the server was responding with a port in a separate server initiated communication which will not work in ZPA.

Thanks for the thoughts; you may be onto something regarding S2k3. In regards to the named instances I have found that generally as long as the SQL server has the SQL Server Browser Agent running (UDP1434) it is supposed to respond back to the initial connection from the client with the port that the particular named instance is using - generally the ephemeral ports 49152-65535 are used in this purpose.

So far it seems most servers do in fact work fine with ZPA as long as the app segments allow both udp1434 for the initial c2s connection and also the ephemeral ports udp49152-65535 for the subsequent connection to the actual named DB instance. Issue I see is with random servers and these are in some cases older (S2k3) so now I am curious if it could be an issue with that OS version or I was thinking potential issues with how the SQL Server Browser service is configured in some instances where it doesn’t seem to respond for all SQL server instances.