We are trying to establish an IPSec tunnel to Zscaler from our Meraki device. There are two ways we can do this on the Zscaler side:
1. By whitelisting the public IP of the Meraki and using a pre-shared key
2. Using “User FQDN” e.g. firstname.lastname@example.org and a pre-shared key
We can successfully establish a tunnel using option 1 above; however, since our IPs are dynamic, they could change at any time, or fail over to 4G backup. So, instead we want to use the “user FQDN” option; however, we cannot get a session established.
There is an ISP device which sits between the Meraki and the internet, however, I don’t feel like this is causing issues since option 1 above works.
We’ve engaged Meraki support to enable IKE Aggressive Mode + User FQDN via the backend, and it seems to be done, and we’ve tried adding the user FQDN to both the Local ID and Remote ID fields and the session still does not get established.
We can successfully establish the tunnel to Zscaler using User FQDN when testing using Shrewsoft VPN client.
Has anyone gotten “User FQDN” + Zscaler IPSec tunnel working? Or even gotten “User FQDN” working with some other 3rd party VPN?