07-25-2022 10:25 PM
Hi,
My company is operating ASA 555(version 9.4) and Cisco ASA516-x Threat Defense(version 6.6.5).
Are they supporting IPSec connection to Zscaler Cloud?
07-25-2022 10:59 PM
Hi
The firewall running ASA should be able to connect to zscaler:
https://help.zscaler.com/zia/ipsec-vpn-configuration-guide-cisco-asa-55xx
I am not sure about the FTD. Zscaler don't seem to have configuration templates for FTD.
Thanks
John
11-29-2022 03:10 PM
Hi,
Did you end up doing this. I am supposed to do it - but I see some obstacles( like a Cisco bug that prevents NULL encryption).
11-29-2022 05:58 PM
Actually when I added the configuration it messed up the NAT on the FTD and my RAVPN stopped working. Has anyone been able to figure this out with an FTD ?
03-05-2024 01:14 AM
https://zscaler.my.site.com/customers/s/article/000006209 1. Cisco FTD has deprecated "ESP-NULL" encryption for IPSec Phase 2 which is normally how the tunnels against Zscaler get built. For Zscaler to support IPSec Phase 2 encryption, you need to purchase an additional license ZIA-ENC-VPN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide