We migrated some locations of a customer to GRE tunnels.
All traffic will be routed via the default route into the tunnel (only the IP of the GRE tunnel end is routed outside the tunnel).
In this scenario we now get problems with traffic authentication that is handled through redirection to gateway.zscalertwo.net. I.e. in Vienna -> resolving gateway.zscaler.net via DNS leads to the same IP address as the GRE tunnel endpoint address of this ZEN.
(This does not work that way! The tunnel end IP is routed beside the tunnel and not inside it!)
This problem does not come up in every location. Only a few locations will resolve gateway.zscalertwo.net to the same IP that is used as the GRE tunnel end at the same ZEN.
It is not a good idea to use such an important IP twice, which could lead to such a problem in this scenario.
Our default route points to a tunnel interface. We do not want to build a more complex routing construct using global ZEN IPs etc., as it is not really necessary - just to keep things simple (double usage of the IP is not a good idea and will lead to a problem in this scenario).
Is it just an accidental slip or is there a hard reason why this has to be that way?
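
The collision described in this post can be checked per site with a longest-prefix-match lookup over the site's routes. This is an added example, not part of the original post; the site names, interface names and addresses are constructed (documentation ranges), and the resolved gateway IPs are hard-coded instead of being looked up via DNS.

```python
import ipaddress

# Constructed sample data (documentation address ranges, not real Zscaler IPs).
# Each site: default route into the GRE tunnel, plus a host route that sends
# the tunnel endpoint itself out the WAN interface, as the post describes.
SITES = {
    "vienna": {
        "routes": [("0.0.0.0/0", "tunnel1"), ("203.0.113.10/32", "wan0")],
        # What the authentication gateway hostname resolves to at this site.
        "gateway_ips": ["203.0.113.10"],
    },
    "site-b": {
        "routes": [("0.0.0.0/0", "tunnel1"), ("198.51.100.20/32", "wan0")],
        "gateway_ips": ["198.51.100.77"],
    },
}


def egress_interface(dest, routes):
    """Longest-prefix match: return the interface the router picks for dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def find_bypassing_sites(sites, tunnel_iface="tunnel1"):
    """Return {site: [gateway IPs that leave outside the tunnel]}."""
    findings = {}
    for name, cfg in sites.items():
        outside = [ip for ip in cfg["gateway_ips"]
                   if egress_interface(ip, cfg["routes"]) != tunnel_iface]
        if outside:
            findings[name] = outside
    return findings


if __name__ == "__main__":
    for site, ips in find_bypassing_sites(SITES).items():
        print(f"{site}: auth gateway {ips} is routed outside the tunnel")
```
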