I am looking to integrate Cisco ISR 4321 (IOS XE SDWAN) capable router , sitting behind firewall with Zscaler Public IP's?
Please note that I can't provision public IP/Internet link directly on the SDWAN router. Zscaler ZEN node supports IPsec tunnels with NAT-Transversal feature.
Can someone please guide if this is possible through NAT-T feature??? IPsec tunnel will use the public IP on my WAN firewall and destination as ZEN node IP in the region? What option should i choose in device templates to do NAT-transversal?? IPsec tunnels on IOS-XE-SDWAN routers are service-side tunnel..