SBC 1000 drops when Zscaler tunnel is turned on

We are having an issue with our VoIP phone system after deploying Zscaler at a site. When we turn on our Zscaler tunnel on the network, the SBC loses connection. We cannot make inter-classroom calls. The teams portion of our VoIP system still works. This is the SBC Model -

We have been working back and forth with Zscaler support… I think we have finally narrowed down with them that this is a phone system and not a users machine…

We have whitelisted all IP’s and FQDN’s provided by our VoIP vendor and added them to an SSL Bypass rule too. We are going to be deploying this VoIP system to other sites soon and need this resolved. Has anyone else encountered a similar issue to this?

We used to see issues with voip devices, bypass from zscaler if possible…

Hi Ramesh,

We have tried this already. We have added an allow in our Firewall, and a SSL inspection bypass policy for all Vlans that do not support authentication.

Does Zscaler not support softphones? I see another thread here: Configuring ZPA with Avaya

I used to see issues with VOIP devices… few cannot connect completely, connects only outbound, like that. Good to have the isolated from zscaler. Or do detailed testing before rollout.

I have found this article: ZIA & Application Layer Gateway Enabled Applications | Zscaler

How do we “bypass from Zscaler by changing the configuration on the firewall or router when configuring your GRE or IPSec tunnel.”?

We have solved this issue as Zscaler does not support SIP Protocols. We had to bypass this Vlan from the Zscaler tunnel completely.