IPSec tunnel traffic forwarding from Azure to ZScaler


(Paul Wineberg) #1

Have seen another thread relating to IPSEC tunnel forwarding from AWS to Zscaler having problems but was wondering if anyone has had success creating an IPSEC tunnel from Azure to Zscaler?


(Scott Bullock) #2

Hi Paul,
There should be a way for Azure to initiate tunnels via Azure VWAN soon.

Other than this, AWS and Azure do not initiate any tunnel(s) to any 3rd parties, be it Zscaler’s service, or some customer specific IPSEC implementation.

Cheers,
Scott-


(Paul Wineberg) #3

Hi Scott, thank you very much. You’ve clarified in 10 minutes what Zscaler support have not been able to in 3 weeks with multiple escalations! How can they not know this? In any case, this is our first IPSEC implementation with Zscaler, when you say “soon” for Zscalers Azure VWAN, can you elaborate just how soon or if not what is best practice in the mean time?


(Scott Bullock) #4

Hi Paul,
In all likelihood Zscaler Support wasn’t enabled on this new capability when you opened the ticket, hence the run around.

In terms of dates, I’m not qualified to put a date on any new capability. The only reason I’ve mentioned it is I’ve seen it demonstrated. It’s also important to note that Azure VWAN (currently in Preview on Azure) incurs service charges, so please consider this in your decision making. Please DM your org/company so we can followup offline.

Today, if you need to originate connections from Azure, you could consider a cloud router such a Maidenhead Bridge (a Zscaler partner) or some other form of virtual/cloud-router running inside Azure.

Cheers,
Scott-