05-05-2022 09:51 AM - edited 05-05-2022 09:55 AM
Hi
We have Zscaler proxy in our environment. And we have created IPSEC tunnel between on prim ASA to Zscaler cloud.
Firmware Ver 9.12
Zscaler have limited B/w for each IPSEC tunnel to 200 Mb. Currently is tunnel is sourced from outside interface ip. Now we need to create more IPSEC tunnels to over come B/w limit.
As per Zscaler if multiple tunnels have same source IP then it will be considered as 1 and accumulate b/w will remain 200 Mb.
We thought of creating loop back ips with static public Ips and use them as tunnel source. Now ASA dont support loopback so need alternative.
05-05-2022 10:09 AM
Zscaler proxy support VTI ?
if it support then config multi VTI in ASA using same OUT interface.
05-05-2022 10:28 AM
No it only support Policy based vpn. No route based. VTI interface might not help.
05-05-2022 10:56 AM
Add a second/third/forth ASA?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide