Zscaler App Configuration

Some of our customers were having issues deploying GoTo Resolve within a Zscaler environment. 
One of our customers shared this outline as a guide and were able to get Resolve working properly with Zscaler enabled. 

This process is done in 2 stages: 

 

1 - The stage on the Firewall Control and Filtering Rule is tied to the first step in the second stage of accessing Administration, selecting URL Categories and then adding a URL Category. 

 

2 - Add all the Required Domains and Ports listed on the Resolve Allowlist article and then per guidance from Zscaler vendor, included the 5 additional URLs in the Add URL Category. 

 

Policy > Firewall Control > Add Firewall Filtering Rule:

• Give it a name > Destination IPs and add all the GoTo URLs listed under the “Required Domains and Ports” on the Allowlist along with the additional 5 URLs in the list below.
• Save  > Activation
  

 

Sign in, and go to Administration > URL Categories > Add URL Category:

• Give it a name, and add the following:
  • cdn.console.gotoresolve.co
  • Console.gotoresolve.com
  • Device-iot.console.gotoresolve.com
  • Devices-iot.console.gotoresolve.com:443
  • Devices.console.gotoresolve.com/health
  • Activate this (your ZScaler folks will know what this is).
  • Then go to Policy > SSL Inspection Policy > Add SSL Inspection Rule:

Give it a rule order and name > change URL Category to your newly created category > go to Action: Do Not Inspect and Bypass Other Policies.

Save that, activate again, and update the policy on your end clients (or wait an hour or so). 
Please post a reply if you have tried it and if this information was helpful.