Clik here to view.
Creating CA,server and client certificates using openssl for SSL VPN
Creating CA,server and client certificates using openssl for SSL VPN Prerequistics:1. Go to “cd /opt/edoceo/etc/ssl”2. OpenSSL root CA configuration file. Click here to download# Copy to...
View Articleopenssl.cnf
# OpenSSL root CA configuration file.# Copy to '/opt/edoceo/etc/ssl#/openssl.cnf'.[ ca ]# `man ca`default_ca = CA_default[ CA_default ]# Directory and file locations.dir =...
View ArticleClik here to view.
Reverse proxy web caching and SSL offloading for an Internet web server
Reverse proxy web caching and SSL offloading for an Internet web server Supported version: FortiOS 5.4.xIn this configuration, clients on the Internet use HTTP and HTTPS to browse to a web server that...
View ArticleHow to configure SSL Inspection for Chrome browser and delete HSTS from browsers
How to configure SSL Inspection for Chrome browser and delete HSTS from browsersHTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol...
View ArticleClik here to view.
Authenticating SSL VPN users using LDAP
Authenticating SSL VPN users using LDAPRegistering the LDAP server on the FortiGateImporting LDAP usersCreating the SSL VPN user groupCreating the SSL address rangeConfiguring the SSL VPN...
View ArticleClik here to view.
About Policy Based Routing
About Policy Based RoutingTraditional routing is destination-based, meaning packets are routed based on destination IP address. However, it is difficult to change the routing of specific traffic in a...
View ArticleClik here to view.
Using Fiddler to debug SAML tokens issued from ADFS
Using Fiddler to debug SAML tokens issued from ADFSMany applications want to federate with leverage certain attributes like nameid (nameidentifier), but the problem is the format is wildly different...
View ArticleCommon issues or queries when using PAC file
My web browser doesn’t seem to be using the PAC file despite the PAC URL being configured, what are some possible reasons for this?Ensure that the web server has a MIME type...
View ArticleZAPP On - Captive Portal Detection
ZAPP On - Captive Portal DetectionThe forwarding mechanism like GRE/IPSec Tunnel to Zscaler with Zapp On will be the best approach if we doesn’t default route to the gateway. Few DNS mapping might be...
View ArticleTime Intervals
Time IntervalsYou can define time intervals for use in policies. For example, if you want to block users from accessing shopping sites from 8 AM to 5 PM on weekdays, you can create a time interval...
View ArticleImprove upload/download speed of SSL VPN users
Improve upload/download speed of SSL VPN usersThe Datagram Transport Layer Security (DTLS) protocol is supported for SSL VPN connections. DTLS tunneling implementation avoids TCP over TCP issues and...
View ArticleClik here to view.
Allow specific channels while blocking access to the rest of YouTube
Allow specific channels while blocking access to the rest of YouTubeThe following configuration explains how to allow certain content while still blocking access to the rest of YouTube.Create an custom...
View ArticleClik here to view.
Personnel Gmail restrictions for specific group only
Personnel Gmail restrictions for specific group only.In Zscaler as of now there is no option to block the personnel gmail only for specific group. But there is an option to allow only specific domains...
View ArticleHTTP header trace in Chrome and Mozilla Firefox
To capture HTTP headers in Chrome:Open the developer tools window by pressing CTRL + SHIFT + ior,Open the menu on the top-right corner and select More Tools > Developer Tools.Click the Network...
View ArticleClik here to view.
Client to Client communication in Zscaler Private Access
Client to Client communication in Zscaler Private AccessValidating a client hostname allows you to enable client-based remote assistance. To enable remote assistance, a regular expression of allowed...
View ArticleClik here to view.
Internal Error Please contact Administrator (3005)
Internal Error Please contact Administrator (3005) This error used to see when deploy ZCC con user machines. In most cases this issue was not solved with retry, connect from another internet, and...
View Article