Netskope Help

Known Issues

Issue Number

Category

Feature

Issue Description

142352

NG SWG / CASB

Incorrect Access Method

When an app is configured for reverse proxy support, authentication flows hit Netskope IdP proxies from unmanaged as well as managed devices.

This results in the "Login Attempt" events being generated by the IdP proxies with access method as "Reverse Proxy" for the traffic steered via the client (managed) or reverse proxy (unmanaged).

When a "block" policy on a "Login Attempt" is configured it results in an additional "Login Attempt" event from the inline proxy.

137810, 139934

Steering

Upload to FTP server

When using gFTP-based FTP tools to upload a file through the Netskope tunnel, the upload fails towards the end due to a TCP close inter-operation issue between this gFTP client and Netskope tunnel.

When using FileZilla to upload large files (1G size) through Netskope tunnel, the file upload may fail if the upload takes too long and the FTP control channel times out.

Note, this large file upload issue may happen even without the Netskope client (Netskope client is uninstalled).

127100

Steering

Slow processing

When Microsoft Teams is running on Catalina, especially with the camera and screen sharing on, the Netskope client ipFilter kernel extension cannot get enough system resources to process and forward tunnel packets. This causes the TCP connection to slow down, creating an issue.

The workaround is to upgrade Catalina to Big Sur.

136045

Web UI

Clientless Access

The UI allows users to save a clientless private app without a port when toggling from the non-clientless private app (with a UDP port) to clientless.

135365

Web UI

Email alert for report export

When users try to export a CSV file for the last 90 days, the email alert and download are not working correctly.

Important Points for Netskope Cloud Firewall

  • If dynamic steering is enabled in off-premises mode, currently Netskope shows traffic steering type as “All Web Traffic” in the Netskope client configuration, however, Netskope passes “All Traffic” i.e., HTTP(s) as well as non-HTTP(s). This is a UI bug and will be fixed in release 91.

  • Netskope client will not allow any incoming connections, as Netskope Cloud Firewall is built for egress traffic. This is important if users wish to run servers on their devices, which expect incoming connection requests.