Goto and select the domain on which company is registered such as or If both are normal than follow below steps for Zscaler. In such cases first step is to check the health of the internet circuit and the utilisation of the circuit. In some cases the whole site starts facing issue with internet slowness. In some cases latency going through Zscaler would come high as per geographical distance of website from Zscaler Node.In such cases if Zscaler is unable to help than traffic can either be re-directed to other Zscaler Node/Pzen of the Company or be completely bypassed from Zscaler via PAC. Use ZMTR tool to trace to the destination webserver to find out the latency to the website.
If the above step did not resolve issue than download ZMTR tool from If yes bypass SSL inspection and try access.
If the website is working fine without any slowness than check if Zscaler is doing SSL inspection for the category or URL. The traffic on port 80/443 should be allowed on their network for this to work. Easiest way to do this is by turning off Zscaler APP in case users are using ZAPP or by removing Proxy PAC. In case slowness is with particular application/website than first isolate if the issue is caused by Zscaler or not. Slowness issues can be divided into two parts :-ġ.Slowness with particular application/website:. For above case if you are using Forwarding PAC file to redirect traffic to Zscaler directly and not via APP by using below Syntax which is available in all Forwarding PAC files.
Zscaler App does not support traffic on non-standard Port and will send the traffic direct. which works on non-standard Port i.e Port 89 over https. Some websites are not accessible via open internet and needs IP whitelisting at their end.In such scenarios if the website is not working at our end ask user if they are aware of any IP restriction at web master.Ī.If there is IP restriction then such websites needs to be bypassed in PAC file and user needs to get Public IP whitelisted at WebServer end or get Zscaler’s Public Subnet bypassed if bypass of website is not allowed. Try adding them in Auth/SSL bypass incase their domain are not added. Take wireshark capture with and without Zscaler.Look at the captures for the URL domains. Ask user if they are aware of any URL’s binded to the Application.In case they provide than Check the category of website before doing any SSL/Auth Bypass since few categories are already added in Auth/SSL Bypass and adding website explicitly would not make any difference.ī.If URL’s are not known ask user to get the Wireshark installed on their machine. To determine if Zscaler is the cause turn off Zscaler APP on user machine and check application access if it is working than Zscaler is the problem. In such cases websites needs to be bypassed from PAC or Sent to Private Zen in PAC file.Ĭase 2: Issue with Application while using Zscaler APP This would mean that the website won’t work via Zscaler since there would be no DNS resolution. In case if the website is internal to Customer Environment.
Look at the captures and incase you are unable to find anything then raise a case with Zscaler and provide all details.Use below while raising case:-Ģ.Collect web insights logs for user and affected websiteģ.Wireshark and header trace with and without Zscaler.Į. Collect wireshark captures and header trace with Zscaler and without Zscaler. If it is working at other location than it is probable that Zscaler Public of affected location is blocked at Webserver End.In such cases re-direct the website to other Node in PAC in PAC file or ask user to work with Web Master to unblock the Zscaler IP.ĭ.Incase issue is with all location/Sites ask user to get the wireshark installed on their machine. Ĭ.If the website still d oes not work then we need to check if it is working from any other customer Site. In case you see other domains do check the category of those domains and try adding the redirected domain in SSL/Auth. Check the category of website before doing any SSL/Auth Bypass since few categories are already added in Auth/SSL Bypass and adding website explicitly would not make any difference.ī.Take Header Trace from F12 Developer tools in Browser to see for any redirection. Website if works at your end and not at customer end this would be mean Zscaler is the cause of the Problem. Use website to check if the website works from different Geo locations.Ī. Check if the website works at your end on your machine/mobile. This Guide will help in troubleshooting Zscaler Cases