Hello!
If you create an "Agentless" policy and use It on a Web-based resource, the ZTNA Gateway will act as a reverse proxy and use the imported certificate for automatic HTTPS over TCP/443. But this feature isn't available through the "Agent" policy.
As an example, if you have a certain Web service running over TCP/8080:
- The "Agent" method will only allow the browser to connect if the user uses the TCP/8080 port directly.
- The "Agentless" method will act as a reverse proxy and the experience will be transparent for the end user. (The user will access the resource by just using the FQDN, without any need to directly connect over a different port.)
It's understandable why the "Agentless" only allows HTTP/S traffic and does the proxing, but why the "Agent" policy isn't allowed to do the same?
This would be a good feature addition, since the users (such as me) doesn't have to run another reverse proxy just for the "Agent" clients.
Thanks!
This thread was automatically locked due to age.
