Skip to main content
  • EN

Hello,

I want to clarify if the Netskope client is required for NPA access for users who are at the office.

We have deployed NPA so that we can force an external public Application traffic through a publisher to get a fixed public IP address due to public IP address whitelisting requirements.  As we have IPSec tunnels connecting the site to Netskope cloud,  do we still need to have the client installed on the users device? Do we need to have browser based access configured for this to work?

For Zscaler this is not a requirement. We use Zscaler ZPA for another customer to route Guest Wifi clients to the self-registration portal. The Guest traffic goes over IPsec tunnels to the Zsclaer cloud and Zsclaer send to to a ZPA connecter. This allows the routing of Guest traffic without having to send it over the customers internal network.

This set up does not seem to work in Netskope.  If application trafic is sent over the IPsec traffic Netskope, it is not sent to the Publisher. It works when the client is used. Would it work if we enabled browser based access?

Many thanks,

Michael

I don’t believe NPA interacts at all with IPSEC tunnels. Clientless NPA should work I would think as that ultimately goes to a dedicated netskope domain to get handled.

Reply


Terms & ConditionsCookie settings