ZIA does not connect after workstations come back up after sleep/hibernate. This happens usually in the morning, and sometimes when users unplug their laptops and move somewhere.
We know this because we are using Azure AD conditional access policy to only allow Microsoft 365 logins if the client IP belongs to any Zscaler Cloud IP, meaning ZCC has to be running and ZIA connected before the login is allowed.
If you check the ZCC UI, ZIA will say “connection error”. Sometimes, it gets stuck on “connecting”.
Checking ip.zscaler.com will tell you that you are indeed offline from Zscaler Cloud.
Support said it has something to do with the network adapter being one of the last components to “wake up”.
This has happened to all our users at some point over the last year. The remedy is always to restart zscaler services (via ZCC) but it’s a bit inconvenient to figure out from an end-user’s perspective. It has also given a bad rep for Zscaler, since it’s always the same app causing issues during critical times of the day.
I’ve reported this issue several times to Support, sad to say I have not received any good answers. I only found out earlier this year that this is apparently a “bug” since version 3.6, maybe even earlier, when I decided to review the ZCC changelogs.
On one of my tickets to Support, I was told that this bug has been fixed in 126.96.36.199. After upgrading, I noticed the bug is still happening (less frequently now, to be fair with R&D).
The good news is that ZCC can now correct itself after approximately 15 minutes without any user intervention.
the not so good news is that ZIA will actually say “connected” and ip.zscaler.com also says yes. But I know the issue is still happening just by checking the Microsoft 365 sign-in logs, as well as good old whatismyip. Kinda sneaky to be honest, Zscaler.
I’m giving this forum a try, hoping to be able to share more sensible thoughts.
Anyone else encountered this issue before or still facing it now?