My client uses VPN clients to connect securely to clients networks. They have different clients with different VPN concentrators, and thus different VPN clients.
In most cases, the VPN client connection works fine with the Tunnel 2.0 ZIA setup we are testing.
In one case, a client of theirs uses Checkpoint VPN, and while the VPN tunnel comes up nicely, the quirk is that behind the Checkpoint VPN concentrator there is a captive portal for further authentication of the user before allowing access.
The issue is, ZCC sees the remote captive portal and treats it like a standard local captive portal allowing access to the internet, and thus stops ZCC and disconnects Tunnel 2.0, which makes the VPN tunnel drop. Not exactly conducive to anything good…
This is with Windows 10 running ZCC 22.214.171.124.
Would anyone here have any suggestion on what could be done on ZIA or the ZCC configuration to avoid this issue?
Would avoiding using Tunnel 2.0 for ZIA change altogether be the best practice, by configuring ALL the remote VPN concentrators from being routed to ZIA and rather be split locally before the VPN traffic hits the packet filter driver?
Many thanks for any suggestion you might have!