Zscaler is Captive Portal Detected at Personal network

Zscaler displays Captive Portal Detected in home and personal network environments. But working in a corporate network environment is fine. Zscaler cannot be used outside the company and the internal website cannot be accessed. This error occurs frequently. And only on home and personal networks. It involves most of the people in the company. PS: We are using the Chinese network. This is a problem that has never arisen before. There will be a brief return to normal after restarting Zscaler.

I used face this issue when migrate china users into zscaler. I would recommend to hardcode the chinese nodes in pac file return statements.

Additional surcharges required for china public nodes.

1 Like

Agree with Ramesh.
I’ve also had this issue on my home network when I started testing ZCC which I thought was related to the new Captive portal detection enhancements.
Have you upgraded recently?


I had a customer who had users based in China with Captive Portals and I can attest that Ramesh’s solution is what you should be trying to accomplish.

1 Like

We have lots of problems with Captive Portals for China based users.
I seem to remember that ZCC v4 introduces the ability to add custom captive portals

@Charles93 Can you please open a support ticket with the logs? We will have a look.

Hi Nirbhay,

I can not upload a log file in this chat. could you send me a email then i can send the log as attach to you.

My email address: charles.lee@nike.com

Thanks a lot.

Did you find any solution. Even for me while working from home intermittently getting Captive portal detected error message when i click retry it is cleared and later some time the error keep on coming

Dear chat members,
I have got the same issue when using with my Company Profile:
I’m using a FritzBox 7490 since Years. I never encountered the Captive Portal error before.
My Problem with the described solution is, I never activated the Captive Portal for my Company Notebook. It is detected by its physical MAC Address and has a profile which allows full Internet use without any login.
May be, there is a solution administer something on the Zscaler Client or on my Profile?

Hey Charles, same error appears in China based user in my Corp as well, just wondering if you have managed to find out the resolution from the ticket?

We’re facing the same issue before. After a deep dive analyst, we found there are two parts of this issue.

One is when using China local Public Service Edge: According to the packet capture result, we found this is because Zscaler is using TCP port 80 or 443 and those port are not allowed to be used without an ICP regisister in China Mainland. That caused the ISP device returned HTTP 403 when Client Connector tries to access Zscaler Captive Portal detect service. Then it returns Captive Portal Detected. So our issue was resolved by using another TCP port instead of TCP 80/443.

The other one is when using Public Service Edge outside of China Mainland: In this case we don’t have a full confidence but it’s highly possible due to “That” Firewall in China Mainland. Since Zscaler is building tunnel with a node that outside of China Mainland. So in some scenario, “That” Firewall will block such kind of connections and return “Connection Reset”. And then cause Client Connector returns Captive Portal Detected.

From your description, I think it’s more like the second scenario. Hope those can provide a help on your troubleshoot.

Zscaler have a custom ZCC version ( that allows you set a custom, in-country Captive Portal destination. This should get around any issues with the China firewall.

It is only a test version so not sure how freely available it might be but speak with your TAM.

Hi all,
I could solve this issue after updating the affected users to the version