hope you’re doing great. We recently started the trial of ZApp tool and I’m facing some recurrent connections issues while on remote (out of office) with EXchange Online.
I get disconnected from Online Exchange server (Connected through Outlook 2019) and I can’t reach it anymore until I disconnect the ZApp tool.
It’s not very convenient.
I’ve read some documentation and asked our ZScaler vendor for assistance but they seem to struggle to find a solution.
Our setup is based on Kerberos auth with SSL inspection.
So far, we have implemented the following:
Advanced Settings => Authentication Exemptions : roaming.officeapps.live.com
SSL inspection => exemption hosts : Autodiscover.ourdomain.com & autodiscover.ourdomain.onmicrosoft.com
URL & Cloud App Control => Enabled Microsoft-Recommended One-Click 365 Configuration => Actived
on ZApp config
Forwarding Profile => Custom
Trusted Network Criteria => our internal DNS are set
Windows Driver selection ?> Packet Filter Based
Forwarding Profile for ZIA =>
On trusted network => Enforce Proxy (System proxy settings)
VPN Trusted Network => Tunnel with Local Proxy (System proxy settings)
Off Trusted Network => Tunnel with Local Proxy (System proxy settings) => defined pac file
on ZApp Policy, it’s just a different pac file than Off Trusted Network to allow to connect to our infrastructure via VPN Client.
Looking forward to hearing from you.