Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1350
Views
0
Helpful
4
Replies

Does Zscaler IPSec support with Cisco FTD?

kay.kang
Level 1
Level 1

‎07-25-2022 10:25 PM

Hi,

My company is operating ASA 555(version 9.4) and Cisco ASA516-x Threat Defense(version 6.6.5).

Are they supporting IPSec connection to Zscaler Cloud?

Labels:
0 Helpful
4 Replies 4

johnd2310
Level 8
Level 8

‎07-25-2022 10:59 PM

Hi

The firewall running ASA should be able to connect to zscaler:

https://help.zscaler.com/zia/ipsec-vpn-configuration-guide-cisco-asa-55xx

I am not sure about the FTD. Zscaler don't seem to have configuration templates for FTD.

 

Thanks

John

**Please rate posts you find helpful**
0 Helpful

buffkata
Level 1
Level 1

‎11-29-2022 03:10 PM

Hi,

Did you end up doing this. I am supposed to do it - but I see some obstacles( like a Cisco  bug that prevents NULL encryption).

0 Helpful

buffkata
Level 1
Level 1
In response to buffkata

‎11-29-2022 05:58 PM

Actually when I added the configuration it messed up the NAT on the FTD and my RAVPN stopped working. Has anyone been able to figure this out with an FTD ?

0 Helpful

eappelboom
Level 1
Level 1

‎03-05-2024 01:14 AM

https://zscaler.my.site.com/customers/s/article/000006209   1. Cisco FTD has deprecated "ESP-NULL" encryption for IPSec Phase 2 which is normally how the tunnels against Zscaler get built. For Zscaler to support IPSec Phase 2 encryption, you need to purchase an additional license ZIA-ENC-VPN.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents