Issue
The Zscaler Client Connector encounters a connection failure when used in conjunction with the Cato SDP Client, displaying an error message stating "No network interface can be detected."
Environment
- Cato SDP Client connected to the Cato Cloud.
- Zscaler Client Connector App version 4.1 and above.
Reason
The connection failure is attributed to a compatibility issue between the Cato SDP client and Zscaler Client Connector App versions 4.1 and above.
The Cato SDP client assigns a 169.254.x.x IP address (defaulting to 169.254.254.1) as the default gateway address to route traffic via the tunnel when the Cato client is connected. However, when the Zscaler Client Connector 4.1 and above detects the use of a link-local IP address as the next hop, it blocks the Zscaler connection.
From zScaler Client logs, the error looks like this:
2023-08-14 16:54:44.117118(+0530)[11896:11880] ERR Default Interface Gateway is: 169.254.254.1
This issue will persist even if the Zscaler Cloud public IP is bypassed from the Cato tunnel (split tunnel).
Solution
This compatibility concern has been reported to Zscaler Support. While awaiting a comprehensive solution from Zscaler, the current known workaround involves downgrading to Zscaler client version 4.0.
0 comments
Please sign in to leave a comment.