We have reverse proxy in place for O365 apps for devices without Netskope client. Now we finally want move away from providing physical hardware to consultants / external project members and replace it with providing virtual machines via Windows365. This ensures all these third parties needing access to our environment are doing this from machines we control.
All works fine when an employee with a managed device wants to access such a virtual machine (because reverse proxy is bypassed by having NS installed) but as soon as a non-company person now wants to access W365 machines we provide, reverse proxy kicks in and causes an error what prevents these users to continue and start these machines (see screenshot).
How can we exclude Windows365 traffic from reverse proxy? Is this something to configure on Netskope or IdP (Okta)? Thanks!
Are these machines in a dedicated subnet that you control? There's a few different ways to bypass the Reverse Proxy. You could install a client on those machines and only steer the Office365 and Okta traffic for those contractors. You can also bypass the Reverse Proxy based on the IP address of the user:
This would bypass the Reverse Proxy for traffic from the specified IP addresses where these virtual desktops egress from. Hopefully one of these options helps but I'm happy to answer any additional questions.
Sam Shiflett Netskope Solution Architect - North America