VPN to bypasss Zscaler

I noticed that some of my users are using a VPN to bypass Zscaler, This particular one is called psiphon3,
I did a test and in my logs I noticed it was using ip 213.108.105.85:443 and url category was Miscellaneous or Unknown, I have Miscellaneous or Unknown category as blocked, why is it not being blocked? is this normal behavior?
Is there a way to block VPN’S?

Hi @mr_hofer, you should be able to block this, it sounds like you have the right policy in place. Are you doing SSL inspection. if not, do you have an SSL blocking policy defined?

https://help.zscaler.com/zia/how-do-i-block-https-traffic-without-ssl-inspection

Note Zscaler also has anonomiser signatures and category too, for some additional controls to consider.


If you’re setup correctly best open a support ticket, the team will be able to get deeper into issue.

I am doing SSL inspection, all miscellaneous categories are being blocked expect if its an IP address, see image.

+

This is indeed strange, not something I’ve seen before. Can you please open a case with Zscaler support? They will be able to dig in deeper, run the needed traces etc.