Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
0
Helpful
1
Replies

ZTNA and Client VPN – User interaction

whistleblower14
Level 1
Level 1

‎01-01-2025 12:04 AM - edited ‎01-01-2025 12:08 AM

Happy new year everybody!

please allow me a question because I have some problems in the understandig of the end user behavior when it comes to access of Private Application which can be achived via Client-Based ZTNA and ones which are only available at the same time via VPN…

So when a user tries to connect to ZTNA based access the end user will be based on the configuration of the client profile dynamically/automatically connected via the Secure-Client ZTNA Module and no further or manuel enablement in the Client Software needs to be done by the user, correct?

But what happens if a private Application is only reachable through VPN - will the user have to manually click the Secure-Client VPN Module to connect or is this also dynamically detected somehow and so transparent for the end-user?

thank you for and kind of answer!

Labels:
0 Helpful
1 Reply 1

M02@rt37
VIP
VIP

‎01-01-2025 01:15 AM

Hello @whistleblower14 

Happy New Year !!!

When an end-user tries to access a private application configured for ZTNA-based access, the secure client's ZTNA module dynamically and automatically establishes a connection to the ZTNA gateway. This process is completely transparent to the user and does not require any manual action, provided that the ZTNA trust broker and client profiles are configured correctly. The seamless behavior is a key advantage of ZTNA, as it eliminates the need for users to manually connect or manage access to private applications.

For applications that are accessible only through a VPN, the user typically needs to manually initiate the VPN connection using the Secure Client software. However, to improve the user experience and make this process more transparent, certain automation features can be enabled. For example, Always-On VPN ensures that the VPN connection is automatically established when the client detects that it is outside the corporate network.

Additionally, application-based detection can trigger the VPN connection when traffic destined for specific applications is detected.

In environments where both ZTNA and VPN are deployed, the Secure Client can intelligently manage traffic based on predefined application access rules in the client profile. If an application is not reachable via ZTNA, the client can fall back to VPN, but this fallback may still require manual initiation unless automation features like Always-On VPN is configured. 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful
Customers Also Viewed These Support Documents