We have a customer who is using the zscaler clinet connector to forward traffic to Zscaler, also the ZCC is configured with the Ztunnel2.0.
When the customer is on remote he configures a full VPN.
Also the customer choices to desactivate the ssl inspection on Zscaler and to activate it on his internal FW.
So when he activates his full VPN he remarks that the ztunnel on ZCC change from version 2.0 to version 1.0. After investigation we found that the ssl inspection on his internal FW causses this issue. we tried to bypass ssl inepction for zscaler domains definied on ips.zscaler.net but the probelm persists.
Have someone already faced this kind of problem ? or do you know which other problems we should bypass ?
PS: The cloud name used is zscalerthree.