What is the difference between Location and sub-location

Want to know the difference enabling the “Enforce Authentication” and “Enable SSL inspection” on Location and Sub-location.
Will it act as same or any difference is observed.

Because there is a limitation on sublocation for authentication exists with only 2000 IPs
Is there any other limitation for Location?

Hello Girish,

I guess it might depend on your setup. We use GRE tunnels to connect our traffic to ZIA and each location is a GRE tunnel with its own public IP address, we have then defined sub locations for different internal networks and IP addresses. The sublocations simply offer more granular control, so that for some source IPs you can turn SSL interception, authentication, etc on or off.
Not sure how Zscaler Private Access works, but to me your question seems to apply more to ZIA anyway

All the best,

Hi Peter,

Thanks for the explanation.
We use GRE tunnel with public ip address.
My question is to know if we enable the UA on location will it work just like sublocation? or does it behave differently. also to know if there any limitations.