Zscaler -- Endpoint FW/AV Error

We have been observing the below error in Zscaler Client Connector on one of the Ubuntu workstations.

Endpoint FW/AV Error

I have checked articles related to Zscaler process exclusions, but did not find anything related to Ubuntu/Linux.

Can anyone help?

Thanks,
Rahul

Any suggestions?

Thanks,
Rahul

Hi Rahul,
The Endpoint FW/AV Error typically means that Zscaler Client Connector cannot communicate with itself and an AV or host-based firewall product is blocking this communication. May I ask, are you using ZCC for ZIA, ZPA or both?

Warm Regards,
Chris

Hello Chris,

We are using ZCC for ZIA only.

Thanks,
Rahul V

Hi Rahul,
If you are using third-party AV or Firewall, try allowlisting the following processes:

Allowlist the entire path of the following files:

  • /opt/zscaler/bin/zsaservice
  • /opt/zscaler/bin/zstunnel
  • /opt/zscaler/bin/ZSTray
  • /opt/zscaler/bin/zsupdater

Warm Regards,
Chris

Hello Chris,

Thanks for your reply.

But we are seeing this on only 1 PC, though the same AV is installed on all the other PCs.

Thanks,
Rahul

Rahul,

Maybe there is another process/service that listens on TCP 9000 on that specific client, and you can use:

C:\>netstat -o -q -n | find ":9000"

Process ID will be in the 5th column and then you use Task Manager | Details tab to find which process it may be.

TCP 9000 is the default port that Client Connector is using, and can be adjusted here: Zscaler Mobile Portal | Administration | Client Connector Support | Endpoint Integration, and it will be applied on all installs, so be careful.

We have some lab equipment software that relies on TCP 9000, so moved to TCP 9001.

–
/Jesper

Hello Jesper,

We are seeing this issue on an Ubuntu OS machine.

Thanks,
Rahul V

Sorry, but I guess it applies on any supported OS, I mean; that another service/process is listening on TCP 9000.

–
/Jesper
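
The same port check on Ubuntu, as an added example that is not part of the thread and not Zscaler's own tooling: it parses `ss -H -ltnp` output and lists any TCP listener on the Client Connector port that is not a ZCC binary. The function names are hypothetical, and treating the four binary names from the allowlist above as the only legitimate owners of the port is an assumption.

```shell
#!/bin/sh
# Added example: Linux equivalent of the netstat check for the ZCC port.
# Assumption: the four binary names from the thread's allowlist are treated
# as the only legitimate owners of the port.
ZCC_NAMES="zsaservice zstunnel ZSTray zsupdater"

# Read `ss -H -ltnp` output on stdin; print "pid name local_addr" for every
# TCP listener bound to port $1.
listeners_on_port() {
    awk -v port="$1" '
    {
        n = split($4, a, ":")        # port is the last ":" field, so [::]:9000 works
        if (a[n] != port) next
        name = "unknown"; pid = "-"  # ss hides the owner unless run as root
        if (match($0, /\(\("[^"]+",pid=[0-9]+/)) {
            s = substr($0, RSTART + 3, RLENGTH - 3)
            split(s, p, "\",pid=")   # first owner only if several share the socket
            name = p[1]; pid = p[2]
        }
        print pid, name, $4
    }'
}

# Same input; print only listeners whose process name is not a ZCC binary
# (an owner that ss could not resolve is printed as "unknown").
foreign_listeners() {
    listeners_on_port "$1" | while read -r pid name addr; do
        case " $ZCC_NAMES " in
            *" $name "*) ;;
            *) echo "$pid $name $addr" ;;
        esac
    done
}

# Constructed sample of `ss -H -ltnp` output (not taken from the thread).
SAMPLE='LISTEN 0 128 127.0.0.1:9000 0.0.0.0:* users:(("zsaservice",pid=1234,fd=10))
LISTEN 0 4096 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=801,fd=3))
LISTEN 0 511 [::]:9000 [::]:* users:(("node",pid=4321,fd=21))
LISTEN 0 128 127.0.0.1:19000 0.0.0.0:*'

# Live use on the affected workstation (as root): sh thisfile --live [port]
if [ "${1:-}" = "--live" ]; then
    ss -H -ltnp | foreign_listeners "${2:-9000}"
fi
```

Run it with sudo so that `ss` can show owners of sockets belonging to other users; empty output means nothing other than the assumed ZCC binaries is listening on the port.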

Hello Jesper,

I’ve checked it. There is no other process/service which is listening on TCP 9000.
PFB Screenshot.