Websites not working on Zscaler

I have a query. In my organization, one user is facing an issue. He has zcc installed on his machine. He connects via VPN. Now the scenario is whenever he tries to access internal websites it gives a TLS error on IE browser and on other browsers also the websites don’t work. The user is unable to access the websites without a VPN. Have raised an issue with the zscaler support team but they were unable to reproduce the issue. The things are getting escalated not and I need a quick solution on this, please.

Thanks,
Sunil V.

Hi @sunil_110783, it sounds like client connecter is configured to draw in traffic in, traffic that you intend to go over the VPN? If that’s the case, you will need to configure the Forwarding profiles to bypass traffic from client connector, though there may be different nuances depending on the forwarding modes you use.

I believe this is the best article to study → Best Practices for Using PAC Files with Zscaler Client Connector | Zscaler

1 Like

Thanks Scott. I Will go thru the link you have given. Thanks again.

Hi Sunil,

It appears that the issue is related to one specific workstation and it has been resolved by our support team.

The below section in the Zscaler recommended PAC file would bypass the private IP address (internal websites)

    Most special use IPv4 addresses (RFC 5735) defined within this regex.
         var privateIP = /^(0|10|127|192\.168|172\.1[6789]|172\.2[0-9]|172\.3[01]|169\.254|192\.88\.99)\.[0-9.]+$/;
         var resolved_ip = dnsResolve(host);

         /* Don't send non-FQDN or private IP auths to us */
         if (isInNet(resolved_ip, "192.0.2.0","255.255.255.0") || privateIP.test(resolved_ip))
   	          return "DIRECT";

Reference: http://pac.zscaler.net/zscaler.net/recommended.pac

Thanks,
Giriraj

1 Like