ZScaler integration with Okta. Proxy IP addresses definitions in Okta network zone

(Alex) #1

Okta has a reference to Proxy ip addresses within Network Zones definition. I’m not able to find any documents from Okta on how Proxy IP addresses are different from the Gateway IP addresses. Looks like when application sign-on Policy is defined, Okta does not do anything with IP addresses defined as Proxy even though the Ip’s get logged into the log.
Knowing that’s ZScaler has partnered with Okta, is there any documentation available from ZScaler?


(Naresh Kumar ) #2

Not sure if this helps but few links about Okta and Zscaler



(Alex) #3

Does not really explains how to use Proxy IP addresses with Okta Policy

(geniller) #4

I want to do the same as you do/did,
There is a document from Okta now explaning the difference between the proxy and the gateway IPs (https://help.okta.com/en/prod/Content/Topics/Security/Security_Network.htm)
Did you do it ?
You have to decrypt the packet destinated to Okta with SSL inspection right ?
Is it working fine ?
Thanks for your help,

(Alex) #5

Yes it works with SSL decryption as well.
This can be used with Okta applications sigin policies to control user’s access.