Writing a PAC File to direct O365 to Zscaler, All other traffic direct to Internet

Hi all,

I am currently doing testing for mobile device - Android & iOS. I have a test case that I want to achieve when using mobile devices: When using mobile devices, only log O365 traffic in web insights log, other traffic are not supposed to be log due to user privacy issues & concerns.

This is the PAC file’s entry I had made for this case, however all traffic are still being logged:
//for O365 - Go through Zscaler (Web Logs)
if ((shExpMatch(host, “.microsoft.com")) ||
(shExpMatch(host, "
.officeapps.live.com”) ||
(shExpMatch(host, “.office.com")) ||
(shExpMatch(host, "
.office.net”)) ||
(shExpMatch(host, “.office365.com")) ||
(shExpMatch(host, "
.microsoftonline.com”))||
(shExpMatch(host, “.microsoftonline.com”)) ||
(shExpMatch(host, “.microsoftonline.net”)) ||
(shExpMatch(host, “.windows.net")) ||
(shExpMatch(host, "
.sharepoint.com”)) ||
(shExpMatch(host, “.live.com")) ||
(shExpMatch(host, "
.live.net”)) ||
(shExpMatch(host, “.onedrive.com")) ||
(shExpMatch(host, "
.lync.com”)) ||
(shExpMatch(host, “.skype.com")) ||
(shExpMatch(host, "
.outlook.com”))) ||
(shExpMatch(host, “*.onmicrosoft.com”)))
{
return “PROXY sin4.sme.zscaler.net:80”;
}
else
{
// Other traffic go to Internet - (No Web Logs)
return “DIRECT”;
}

I am unable to achieve the intended result, do anyone have any experience in this? My portal has O365 one-click enabled, both SSL inspection for Android & iOS disabled.

Regards,
Matthews Loke

Verify all the URLs in https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges is added in PAC file.

I’d also test the PAC in a browser, once known working, move to your Z-App profile(s)

1 Like

Hi Scott,

Do let me know of the outcome tested by you.

Thank you.

Regards,
Matthews Loke

Hi @matthews.loke, sorry, to be clear I wasn’t suggesting I’d build & test this on our behalf, simply generally a good practice to test your PAC logic in browser before porting to Zscaler App.

Also, pactester is a great tool for building and verifying PAC logic --> https://github.com/manugarg/pactester