Starting and Detecting ZScaler is running

Good Afternoon,

Apologies but I have some very simple questions…
I’m working with someone who is deploying ZSCaler and it is working well, but they are trying to figure out something…

When they had a Normal VPN, they could easily check to see if the VPN was UP/Down by checking for the Virtual Adapter.

Clearly that does not exist…

Example - In the past my Work IP may be 192.168.x.x.
However, Starbucks could also use 192.168.x.x
Verifying the VPN nic would help us confirm if we were or were not on a VPN.

It seems ZScaler just auto-starts and is always running…
So I presume We would just check that ZSATunnel.exe was running…and that would be “VPN Up”…or at least in terminology of old I.T. person thought process…

Is there anything else we need to check to see if my “ZSCALER VPN for a better term” is up?
Just trying to make sure I’m going down the right path…
(Yeah…I could do a connectivity check on internal resources…but trying to avoid that if not needed.)

Hi Tom - we typically do use the internal network awareness method (Trusted Network) to decide whether ZCC loads in tunnel mode or not. There’s also another option known as ZIA Posture Profile that checks to see if running processes are loaded and supports most of the popular endpoint solutions but can’t guarantee your specific VPN is supported in Device Profile.

Trusted Network and checking for a known internal resource (DNS, Search Name, Hostname/IP) is probably the way to go. And a slightly more elegant option would be to put the VPN in split tunnel mode automatically with one of these options (must use ZCC v3.8+)

Enable Split VPN Trusted Network

Skip Trusted Criteria match for VPN Adapters

you could check value of registry key
eg HKCU\Software\Zscaler\App\ZPA_State

1 Like

Thanks! I found that key…It may be of some use.

I can see “Trusted Network” in the UI…Is there a Registry Key or something similar where I could tell if I’m on a Trusted Network or not?

Between the two I think i could easily verify it is running and if i am or am not on a Trusted Network where I will be running through it.

see Zscaler Client Connector: Windows Registry Keys | Zscaler