When user logs in for the first time in their windows 365 cloud pc using windows app, it logs in and within few seconds the session gets disconnected and goes to retry counter and keeps on trying to reconnect. After closing the windows app and retrying again, the cloud pc gets connected fine. When checked, this was caused by the zScaler VPN.
Below article explains in depth as why zScaler and other VPN cause this issue at first cloud pc login.
Download the Powershell script from here and run it to fetch the Ip addresses in a csv format as per the article.
After that copy the Ip addresses from the csv file and In the Zscaler Client Connector Portal go to ‘App Profiles’ then choose the policy to be applied to the Cloud PCs and click Edit
In the App Profile, paste the IP addresses from the csv into the ‘HOSTNAME OR IP ADDRESS BYPASS FOR VPN GATEWAY’ field and click the plus sign and the IP addresses should be successfully added to the configuration.
Also add the below two IP that is used for critical communication to the Azure fabric in the configuration too.
169.254.169.254 - Azure Instance Metadata Service endpoint
168.63.129.16 - Cloud PC Health Monitoring
Once done, on the zScaler client connector go to More - About - click on update policy. Once done, the new app profile policy will be applied.
After this, when you close and reopen the windows app and connect to the windows 365 cloud pc, the disconnects at first login should be disappeared and the connection should be constant.
Major point to note is that the Gateway address changes once in every month and so we have to run the script to obtain any new IP address and add it again to the ZScaler App profile policy.