Using zTunnel v1 how do I deal with access to https://www.myserver.com:7623

Hi community,

is there a way to deal with non- standard HTTP/HTTPS ports when using zTunnel v1 ?

Regards
Tom

This is possible if your forwarding method is tunnel with local proxy.

Hi Ramesh,

will tunnel with local proxy also catch port 80/443 traffic transparently ?
E.g. when using a non-proxy aware app that connects directly to the Internet on port 80 - will this be picked up ?

Regards Thomas

No, tunnel with local proxy will not fetch traffic non-proxy aware applications.

In Tunnel with Local Proxy mode, Zscaler Client Connector sets proxy settings on user devices so that all proxy-aware traffic is tunneled to Zscaler. The app does this by automatically installing a PAC file on the system to force all traffic to go to the local host.

See here,

https://help.zscaler.com/z-app/configuring-forwarding-profiles-zscaler-app#:~:text=In%20Tunnel%20with%20Local%20Proxy,go%20to%20the%20local%20host.

Hi Ramesh,

yes we know but we would like to use the transparent tunnel for 80/443 to capture application traffic from non proxy aware apps. So as far I can see the only solution would be zTunnel v2, right ?

Regards Thomas

Yes, for forward all application traffic with any port number , you can chose tunnel V2

1 Like

An additional question:

When using Tutnnel with local proxy mode is it possible to direct an app directly to the local proxy running on 127.0.0.1 ?

Thanks Tom

Yes you can, by default the listening port is 127.0.0.1:9000. You can take a look at the fiddler set up for an example of how to do this.

1 Like

If I connect my client application to proxy 127.0.0.1:9000 how will this traffic be processed ?

I mean in tunnel with local proxy mode will this traffic be „piped into“ the ztunnel to the datacenter the zApp is currently connected to ?

Thanks and regards
Tom