Certain third-party software conflicts with the SASE client, causing it to fail to start or connect. This page identifies the conflict categories, lists the affected software, and provides resolution steps for each.
| Conflict type | Affected software (examples) | Resolution |
|---|---|---|
| VPN software | UniAccess, Sangfor EasyConnect, FortiNAC, Tencent iOA, Feilian, OpenVPN, Huawei VPN | Shut down or uninstall the conflicting VPN; or configure each client to use a different network mode |
| Security software | Tencent PC Manager, Palo Alto, Qi An Xin Tianqing, AsiaInfo Security, 360 Total Security, Kingsoft Antivirus, Avira, Huorong Security | Add SASE client processes to the security software's whitelist |
| Proxy software | Clash, ClashX | Shut down or uninstall the proxy software; or use the SASE Enterprise Acceleration feature |
VPN software
Why it conflicts
Network conflicts occur when two or more VPN clients run simultaneously and use the same network mode, such as network interface mode.
Affected software
UniAccess, Sangfor EasyConnect, FortiNAC, Tencent iOA, Feilian, OpenVPN, Huawei VPN, and others.
Resolution
Shut down or uninstall the conflicting VPN software. This is the preferred approach.
If shutting down or uninstalling is not an option, configure both clients to use different network modes so they do not compete for the same traffic path:
Set the SASE client network mode to Redirection Mode. See Network settings for instructions.
Set the conflicting VPN software network mode to Routing Mode.
After completing the configuration, verify that the SASE client connects successfully and that traffic routes as expected.
Security software
Why it conflicts
Some security software applies mitigation policies that flag SASE client processes as unknown or potential threats. When triggered, the security software blocks or terminates those processes, preventing the SASE client from starting or running correctly.
Affected software
Tencent PC Manager, Palo Alto, Qi An Xin Tianqing, AsiaInfo Security, 360 Total Security, Kingsoft Antivirus, Avira, Huorong Security, and others.
Resolution
Contact your IT or security administrator and ask them to add the SASE client processes to the whitelist (also called the trust list or exclusion list) in the security software's management console. The complete list of required processes is available in the SASE product documentation or the SASE management console.
Proxy software and others
Why it conflicts
This type of software intercepts and processes network traffic by modifying system proxy settings or creating a network interface. This conflicts with how the SASE client routes traffic.
Affected software
Clash, ClashX, and others.
Resolution
Shut down or uninstall the proxy software to allow the SASE client to run correctly.
Alternatively, use the Enterprise Acceleration feature on the SASE platform instead of local proxy software. For setup instructions, see Cross-domain Acceleration Best Practices. For more information, see Cross-domain Acceleration Best Practices.