does anybody have a VPN tunnel to Zscaler via a Meraki MX?
We got some issues that if we have many sub-networks (local networks on the MX) configured, Zscaler support is complaining that we have too many policies configured (VPN SA). But we use IKEv2 so that shouldn't be a problem at all, that what also the Meraki support tells us. Now I reduced the local networks to 4, but they are still not happy with our configuration.
Has anyone faced the same problem with them? Do you have a good solution for this case?
how is failover working between zscaler frankfurt and munich.
at branch sites i have internet and mpls. i am planning to advertise proxy 1 ip via primary link (i.e private subnet of non meraki vpn peer), proxy 2 ip via secondary/backup zscaler link initiated via local internet link. while proxy 3 will be advertised via autovpn (proxy 3 will be advertised via zscaler in dc). all 3 proxy ip addresses will be configured in the pac file. any thoughts on this?