Business Community > Gateways > IPSec VPN with Zscaler
< Gateways

IPSec VPN with Zscaler

IPSec VPN with Zscaler

IPSec VPN with Zscaler
IPSec VPN with Zscaler
3 weeks ago
Tags: #VPN #OpenVPN #WireGuard #NAT #IPsec
Model: ER605 (TL-R605)  
Hardware Version:
Firmware Version:

Hi,

 

I am trying to create a IPSec VPN with a Zscaler DC. 
The VPN config is fine but it throws a phase 2 error stating "INVALID PROPOSAL"  You can see the logs below, these are from Zscaler.

 



I think that this issue is coming up as TP Link does not allow to add 0.0.0.0/0 as a remote subnet.

Has anyone tried to create a IPsec tunnel with Zscaler? If yes, Please help me here.

 

 

Regards

  0      
 
  0      
 
#1
Options
1 Reply
Re:IPSec VPN with Zscaler
3 weeks ago

  @Bugs12 

Judging from this log, it should be a problem with the proposal.

Recommend you examine the log from the peer server Zscaler. If there is any detailed log about the phase or encryption that it does not support. 

Omada gears, you might try the device info and see if there is a reason listed. The device info contains certain human-readable or related information. 

 

We do not support an IPsec Site-to-Site VPN with a remote gateway and subnet 0.0.0.0/0.

  1  
  1  
#2
Options

Information

Helpful: 0

Views: 129

Replies: 1

Tags

VPN OpenVPN WireGuard NAT
IPsec
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.