I use Windows 10 in a Hyper-V environment almost every day for testing. My host machine has ZCC enabled in ZT2.0 mode. Traffic is routed out directly to a router - it does not pass through the host machine’s ZCC.
I’d personally try removing those VPN bypasses and add them into a Forwarding Profile PAC. There can be some nuances with DNS resolution when placing them into the VPN bypass list
There are a few things to consider here:
- Is the NIC configured as Internal or External? (Internal is referred to as NAT in VMWare terms, which means all traffic will use the host machine as the gateway. External = Bridged, which means effectively another machine on the network, separate DHCP leases etc)
- Have you performed a trace directly on the machine to see where the traffic is flowing?
- Is the host machine authenticated with ZIA via a PAC file, or is it using ZCC?
- Which tunnelling method is the Virtual Machine using within ZCC?