Tunnel 2.0 DTLS and TLS mode

  • Based on multiple reports and data analysis, it is observed that certain ISPs deprioritize UDP-based traffic, which includes DTLS. DTLS is the primary transport protocol for Z-Tunnel 2.0. Such deprioritization leads to performance issues towards internet destinations, and sometimes to the inability to access the destination.

    Note that DTLS uses UDP over port 443, whereas TLS uses TCP over port 443.

  • This is a situation-dependent configuration.

  • Zscaler works well with both of these configurations. However, how the ISP's routers process DTLS is a concern, since a few hops might not be processing the DTLS traffic effectively.


As a workaround, you can select TLS as a tunnel version selection.
