Is anyone else experiencing a problem where large US commercial sites (big-box retailers, home improvement/hardware, groceries) who use a certain Web Application Firewall are blocking client requests that come from the Zscaler IP range?
For example, we have seen problems with users browsing to www.hmedept.com (URL obscured) receiving an error like: “Access Denied. You don’t have permission to access http://www.hmedept.com/” on this server. Reference #18.097d098a098f.something."
In the cases we have seen the WAF that is performing the block is Akamai. This has happened at multiple big-box sites.
We can work around this issue by bypassing the site in our Forwarding Profile PAC. We don’t like doing this because it is hard to manage, and removes the security protections and logging we’d normally get from ZIA.
It seems to me, subjectively, that this is happening more frequently. Has anyone else seen this? Zscaler internal types - is it possible that Akamai is seeing Zscaler IP’s as blacklisted, or perhaps something similar?