Zapp OFF TRUSTED NETWORK


(Sarra) #1

Hi,

i configured my forwarding profile in tunnel with local proxy mode, and set my condition to DNS server

the issue is that the Zapp display that i am on off trusted network when i am in

is this some reason for that

regards


(David Creedy) #2

Hi,

This would likely mean that the device can’t reach the DNS server to trigger trusted network. This part of the logic is fairly straight forward. Can you verify the device can reach that DNS server?

Regards

David


(Sarra) #3

Yes, the device can ping the dns server


(Sarra) #4

Is Zapp trying to resolve public domain in the host ? or just ping the IP DNS server


(David Creedy) #5

Here’s an article that explains the three checks -
https://help.zscaler.com/z-app/configuring-forwarding-profiles-zscaler-app#subc-trusted-network-criteria-instructions

If you are using DNS server, it will check that that server responds to DNS requests. The idea being that if you specify an internal only DNS server, the device can only reach it for DNS requests if it’s on the internal network. When the device is outside, on a public connection, it won’t be able to reach that DNS server for requests.


(Sarra) #6

Hi,

thank you for your answer,

that what i did, the host can reach the DNS server , but the Zapp display that the host is Off trusted network,

how can i resolve this issue,

regards,


(David Creedy) #7

Hi,

It sounds like a configuration issue. I think the best way to resolve this would be to collect Z App logs and open a support ticket.

Regards

David