@Ethan-TP Hey there, adding you to this matter. Thanks :)

  @Ethan-TP 

Hi there,

I wanted to join in on this one please:

I have an ER8411 v1.0 (firmware v1.3.2) with the OC200 controller (v1.36.7), and 2 x 2008P and 1 x 2008 switched with 3 EAPs.

My wife is working from home on a PC laptop which connects to her corporate IT network via Zscaler It would appear (along with some internet searches, HERE and HERE for example ) that the functionality of zscaler has been broken with the introduction of firmwares above v1.2.3. I am not sure which broke it v1.3.1 or v1.3.2 - which I can currently running.

I have verified this by connecting the laptop to other Internet sourced and it’s ONLY when connected to our Omada network that things started going wrong (it was fine before v1.3.1 from what i remeber, which tallys with comments on this tread). Zscaler will connect, however is VERY slow and will not load certain pages/website/applications.

I was looking at the option of down grading my firmware back to v1.2.3 to try and fix this issue.. however I don’t know the effect this would have on my current settings and set up.

I know there is now v1.3.5 and v1.3.6 available but it is warned that there is no way back once these are installed, so if they don’t fix the issue, there is no way for me to get back to v1.2.3 which is where we believe it was working.

As we both work from home, it is critical that I don’t break our internet connection and lose the use of the router.

If I upgrade to the latest firmware, are you able to tell me if this will fix the issue we are having that was caused by either v1.3.1 or v1.3.2?

Or, if upgrading the firmware to v1.3.6 doesn’t fix the problem, it is possible to later downgrade to v1.2.3, after installing v1.3.6?

I am not able to afford to purchase another ER8411 for testing purposes.

We are surprised that the firmware upgrade is stopping zscaler from working correctly. Your help would be hugely appreciated

Cheers

  @Ethan-TP 

Hi,

thanks for your reply, to answer your questions....

So the rest of the network, computers etc seem unaffected, it's only when zscaler is used to connect to the corporate remote system that the unpredictable behavior kicks in.

We've not extensively done speed tests for this, however, when zscaler is connected, internet access is extremely slow or non existent. Apps like Zoom very rarely, normally never properly connect and therefore are unusable. Webpages take forever to load and more often than not time-out. Microsoft Teams seems to work, but a little sporadically.

When the same PC is connected to any other network, including mobile phone tethering (as a test) it all works ok. and as far as we can remember before the firmware upgrade (either to v1.3.1 or v1.3.2) it was also working fine. Also, when the machine is on the work site, connected directly, though still using zscaler, all works well.

This has been happening now for months, and it's only now, after some internet searching that we've landed on the firmware as the culprit. We changed cables, switches, vlans etc and there's been no difference. So yes, everything has been restarted, and rebooted over that time.

We've not got zscaler on any other of your computer, purely because it's installed by IT at my wife's company, however, we know that her laptop works fine connected to other networks, so isn't the laptop that's the issue.

Hope that helps a little?

  @Ethan-TP 

Ethan-TP wrote

  @Kramos 

You can try rolling back the firmware via recovery mode.How to use the Emergency Mode to recover the firmware for Omada Gateways
Also, is the speed issue limited to just one PC, or are other devices on your network working normally?
The firmware can be downloaded manually from our official website.Firmware Download

I can confirm Zscaler functionality works perfectly following a rollback to firmware V1.2.3 on the ER707, though the issue immediately returned upon re-upgrading to V1.3.1 (since my hardware version, V1.20, prevents the latest V1.3.2 installation that as per notes if for hardware verison greater than mine). I confirm all other network segments are behaving as expected across multiple connection types, including tethering, Starlink, T-Mobile, and my main ISP, and crucially, Zscaler functions when I use an ASUS AX86U while keeping my Omada EAPs, definitively isolating the problem to the ER707 Gateway's firmware beyond V1.2.3, a flaw I suspect is present across the 1.3.x branch for all Omada Gateways.

gskips wrote

  @Ethan-TP 

 

Hi,

 

thanks for your reply, to answer your questions....

 

So the rest of the network, computers etc seem unaffected, it's only when zscaler is used to connect to the corporate remote system that the unpredictable behavior kicks in.

We've not extensively done speed tests for this, however, when zscaler is connected, internet access is extremely slow or non existent. Apps like Zoom very rarely, normally never properly connect and therefore are unusable. Webpages take forever to load and more often than not time-out. Microsoft Teams seems to work, but a little sporadically.

 

When the same PC is connected to any other network, including mobile phone tethering (as a test) it all works ok. and as far as we can remember before the firmware upgrade (either to v1.3.1 or v1.3.2) it was also working fine. Also, when the machine is on the work site, connected directly, though still using zscaler, all works well.

 

This has been happening now for months, and it's only now, after some internet searching that we've landed on the firmware as the culprit. We changed cables, switches, vlans etc and there's been no difference. So yes, everything has been restarted, and rebooted over that time.

 

We've not got zscaler on any other of your computer, purely because it's installed by IT at my wife's company, however, we know that her laptop works fine connected to other networks, so isn't the laptop that's the issue.

 

Hope that helps a little?

 

  @gskips Hey pal

It seems like you're dealing with the same performance issues I am. Could you do a speed test on the Zscaler network to help us figure this out? The link is: http://speedtest.zscaler.com/perf. If you have Zscaler installed, it should let you run the test and get some crucial diagnostics. My numbers are consistently terrible—I always get 3 Mbps or less on download and less than 10 Mbps on upload. Let me know what your results look like. 

Ethan-TP wrote

  @Kramos 

Thank you so much for taking the time to post the issue on the TP-Link community! To better assist you, I've created a support ticket via your registered email address and escalated it to our support engineer to look into the issue. The ticket ID is TKID251155173 please check your email box and ensure the support email is well received. Thanks! Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did. Many thanks for your great cooperation and patience!

  @Ethan-TP Thanks to you Ethan

Let’s see how we can move this forward. Support typically requests running Wireshark or other diagnostic tools to perform a full analysis, but in my case that isn’t feasible since my work laptop is restricted due to the nature of our environment, and IT would not approve tools like MobaXTerm. I can check with them to see if they will at least allow the use of Wireshark so I can evaluate the traffic and identify where the network may be bottlenecking ZScaler or whatever issue is going on with the Gateway. Will keep you posted.

  @Kramos @Ethan-TP 

sorry just catching up with this.

Great, thanks @Ethan-TP I'm in touch with support now and they have access to my controller and the engineers are apparently looking at it!

Zscaler is on my wife's work laptop, so I'm limited to when she's here to do the testing, but I'll definately get her to run then speedtest. Like you @Kramos it is a locked down laptop installed by her workplace, so I'm limited to what I can do on that side of things, but it did used to work on our Omada network.

I've just mannaged to get a decent deal on another ER8411, which should be arriving in a day or two... my plan was to get v1.2.3 on there and swap out the routers, in the hope that the settings from my current router will transfer, seamlessly to the new (older firmware) router, to see if, like you, Zscaler goes back to working correctly. 

However, I may let support have a dig around my system first and see what they say before swapping out the routers.

I agree it would be good to get to the bottom of this... I know Zscaler is relatively widely used now by firms to allow secure connection to corporate networks. I really don't want to have to ditch my Omada system, or at least gateway, and reconfigure everything to make it work again, when it did before upgrading beyond v1.2.3.... something muust have changed.

My network knowledge is minimal, but happy to investigate further. We'll see what the engineers come up with first. - I'll post speed tests as and when i get a chance, hopefully tongiht.

Cheers