This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Known issues list

Please create a new post in the Discussions section for any questions or comments.

Update Changelog

  • January 5th, 2022 - Updated for ZTNA GA release
  • January 31st, 2022 - Added NZT-3555

ZTNA Known Issue List

Known Limitations

Issue Key


Workaround (if any)


NZT-2939 Not able to connect more than 1024 agents for a gateway with single node In case more agents need to be connected, gateway clustering is recommended. -
NZT-2516 AWS Cloud formation stack creation is failing in Osaka region while trying to create a ZTNA gateway AWS restriction as Multi AZ feature is in the process of being rolled out in the ap-northeast-3 region
NZT-2274 TFTP traffic is not supported via ZTNA gateway Any protocol using dynamic ports is not supported.

TFTP is a UDP-based protocol. Servers listen on port 69 for the initial client-to-server packet to establish the TFTP session, then use a port above 1023 for all further packets during that session.
NZA-675 Windows update is revoking full access permission for sntpservice for the system registry key Manually set full control permission for "NT Service\SntpService.". Then restart the service or reboot. Windows update is revoking the full access permission for sntpservice for the system registry key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\”.
Following this, configuration of the ZTNA TAP adapter fails, if the system or sntpservice is restarted.
NZA-261 Linphone softphone is not working with ZTNA Agent
NZT-2104 Application access via ZTNA agent fails when more than 1 application is hosted on the same server and they have different internal FQDNs This is an issue seen only with a ZTNA agent. The same is not seen with Agentless access
NZT-1969 Users are facing 403 error after updating user group name in Azure AD The admin would need to navigate to the resources page and re-save the changes
NZT-2725 Gateway Bandwidth report: Values displayed for agentless applications considers only payload and not the headers
NZT-3555 IP subnets used for internal services will have to be excluded Exclude following subnets, and as they are currently being used for internal services. If gateways are configured to operate in these subnets, they may encounter issues related to accessing applications.

Pinned. Please create a new post in the discussions section if you had a question/comment regarding the KIL.

[edited by: FloSupport at 2:40 AM (GMT -8) on 1 Feb 2022]