icon-unified.svg
Experience Center

Firewall Requirements for Using PAC Files

Review the firewall configuration requirements and the destination IP addresses of the service, and then make the necessary configuration changes.

To review the firewall requirements:

  1. Go to https://config.zscaler.com/
  2. In the Cloud drop-down menu, ensure your appropriate Zscaler cloud is selected (e.g., zscaler.net).
  3. Review the Firewall Config Requirements section.

To restrict web access to the Zscaler service only, configure your firewalls to allow outbound traffic from all clients to the service.

Additionally, ensure that you define firewall policies that do not allow traffic to bypass the service and go directly to the internet, unless it’s explicitly allowed. To deter users with admin rights from installing non-standard browsers to circumvent the Zscaler service, you can use firewall rules to force users to browse through the Zscaler service only.

Related Articles
Writing a PAC FileBest Practices for Writing PAC FilesFirewall Requirements for Using PAC FilesUsing Default PAC Files to Forward Traffic to Internet & SaaSUsing Custom PAC Files to Forward Traffic to Internet & SaaSForwarding Traffic Based on User's Location Using PAC FilesLoad Balancing for PAC Forwarded TrafficDistributing a PAC File URL to UsersConfiguring Internet Explorer to Use a PAC FileConfiguring Google Chrome to Use a PAC FileConfiguring Mozilla Firefox to Use a PAC FileConfiguring Safari to Use a PAC FileIdentifying the PAC File on a Device Using Browsers