The following table lists Universal ZTNA known product issues. Issues are grouped according to ID prefix and sorted within their group with the most recently logged issue listed first. Issue IDs are in descending order.
| Issue Name | Description |
|---|---|
| CFD-12203 | FQDN Applications are only retrieving the first A record of the application. |
| UZ-3129 | Device login or posture failures are not reported on the insights table. |
| UZ-3171 | Applications with SSO enabled are not accessible through agentless web access. |
| UZ-3716 | Under , connected user and hostname of device are incorrect. |
| UZ-4405 | When Universal ZTNA managed SSID is renamed the "State" changes to "N/A". |
| UZ-6553 | The application cannot be added with two different connectors due to technical limitations on the WireGuard/IPSec tunnel side. If an application is configured with two connectors and access is granted for both, the application access will fail to function correctly on all platforms . |
| UZ-6732 | When the Service Connector is down, in Application Discovery, the application status remains in "Activating" until the Service Connector is up again. The Service Connector can be activated from the UI if it was deactivated or by turning on the Service connector if it was turned off from the machine. |
| UZ-7277 | When syncing a device from Intune Mobile Device Management (MDM), only the wireless MAC address is displayed on the MDM page within Universal ZTNA. The Ethernet MAC address is not shown, which may impact wired authentication workflows. |
| UZ-8434 | During device and device group synchronization from Microsoft Intune, the expected default device groups "MDM Corporate Owned" and "Employee Owned" are not automatically created. As a result, devices are not dynamically categorized based on their ownership status, which may impact policy enforcement and access control. |
| UZ-8471 | Site list takes 10 seconds to load with 1000 sites. |
| UZ-8773 | On IPSec/ Android, DNS cannot be unset without turning off the tunnel. On network switch there is slight disruption in network causing tunnel to break but DNS remain set. Therefore, once internet is back the DNS resolution will be failing and apps remain in connecting state. |
| UZ-8899 | Updating an existing Hybrid or Network Policy to remove the I-ISID will fail to remove the NSI from the corresponding policy-profile on ExtremeCloud IQ Managed Switch Engine devices. The following message may be seen in the Activity Log; "update with defaultNsi not allowed unless defaultVlan and defaultAction specified or already configured". The workaround is to delete the Hybrid or Network Policy and re-create it with the new configuration. |
| ZTNA-15224 | No entries in activity log are created for actions performed in Device Posture admin screen. |
| ZTNA-21536 | Unregistered devices and network location conditions both show up stale SSIDs in the desktop agent and Universal ZTNA, respectively. |