Authenticated zero trust network access - ZTNA
1 vote
We use ZTNA to authenticate connections to our Devolutions server over the WAN. This works fine with both RDM and the web GUI, however, the Workspace App seems to require a VPN connection - there is no way to choose or set the ZTNA certificate to allow the connection.
Is this something that is on the roadmap?
All Comments (2)
Should add - ZTNA also works with the browser plugin.
Hi,
Good catch. The difference is in how each client handles TLS. RDM and your browser pick up the client certificate from your operating system's certificate store automatically. The Workspace app uses a different networking stack that doesn't read from that store, so it can't present a certificate to your ZTNA edge today. That's why it only connects over the VPN.
To point you in the right direction, could you tell us how RDM and the browser authenticate to your ZTNA layer?
- A client certificate (mutual TLS) that you select
- A local ZTNA agent (Zscaler Client Connector, Cloudflare WARP, etc.) that routes the traffic for you?
That distinction tells us whether this is something to address in the app itself or at the agent/routing level. Knowing your ZTNA solution (Zscaler, Cloudflare, Netskope, etc.) would help too.
Thanks!
Sébastien Aubin
Product manager - Password Management