Skip to main content

Zscaler Z-Tunnel 2.0

note

This feature is in Explorer Maturity. The EA maturity gate will be at mid of november 2023.

This document aimed to be a support for any user on-board on the Tunnel 2.0 Zscaler feature.

What is Zcaler Tunnel 2.0 ?

By default, TNAP users use Tunnel 1.0. Recently, Zscaler offers an improvement called Tunnel 2.0 by providing a gateway solution.

Use cases covered:

  • IP anchoring meaning the IP used by your TNAP will be managed by TDF
  • Proxying traffic to internet on another port than 80/443

Flow Architecture with Tunnel 2.0

Tunnel2-0.PNG

How to enable the feature ?

For now, the feature is under testing, so no available to TDF users. Once the feature will be in EA/GA, it will be applied directly to your TNAP, without any additional enrollment.

The single action required is to update the policy on your side:

  • Open the Zscaler Client application. You should see:

img

  • then select "more"

img

  • Finally, click on "Update Policy".

Troubleshoot

For any help on this refer to the Tunnel 2.0 Troubleshoot