Zapp ends in Endpoint FW/AV error

user facing issue Zapp is logged in. It stays connected for 30sec and get error related to Endpoint FW/AV error. Restart service, Repair, Reboot, Logout ends in same error. We open port 9000 via GPO. Gpupdate is successful in user machine. Still issue persists only with one user. ZSATray logs says “FIREWALL BLOCK ERROR”.

#NORMAL #INFO : ZIA state changed, From: TUNNEL_FORWARDING To: FIREWALL_BLOCK_ERROR

Regards
Ganesh krishnan

Hi Ganesh,

Z App attempts to communicate with itself locally on the machine to see if something is blocking us. This could be a firewall, antivirus, or even potentially a VPN grabbing this traffic.

But in all cases the error is caused because Z App sends out a communication to itself locally on the machine an that is never received.

Have you following the network requirements here: https://help.zscaler.com/z-app/zscaler-app-processes-whitelist

Regards

David

You’re saying it’s with only one user? If there’s an issue with user A on machine A but not user B on machine B, what happens if user A moves to machine B and user B to machine A?
Did this ever work?

We are following this link. Pushed the changes via GPO. It works for almost everyone. This User A connected to Zapp (status:on) . But it changes its status after 30sec with firewall block as message. If Zscaler service is blocked due to insufficient config, it should not change the status as ON.

I agree something in this desktop blocks the connected session. What is the best way to identify that ?

Regards
Ganesh Krishnan

The User A is works from home and he couldn’t test it in any other machine. So i am unable to test it in another machine :frowning:

Regards
Ganesh Krishnan