I have a dedicated VPN gateway for remote users and a main cluster of two nodes.
Identity sharing is enabled on the cluster and gateway, but when switching occurs on the active/passive node cluster, remote access users lose access.
There is no IPsec between the VPN gateway for remote users and the cluster.
How can I synchronize the data obtained by Identity sharing between the active and passive nodes of the R81.20 cluster?
I looked at https://support.checkpoint.com/results/sk/sk183274, but this is not exactly the case, and the value for the cluster is already empty in the database.
I found that caching can be enabled in 81.20 take 70 and higher, but I'm not sure if it will help in this case:
1. Prerequisites
- Ensure your cluster is running R81.20 with Jumbo Hotfix Accumulator Take 70 or higher.
- You must configure all cluster members in the same way.
2. Enable Identity Cache Mode
On each cluster member, run the following command in Expert mode:
pdp identity_cache_mode enable
- This command enables the Identity Cache Mode, allowing both cluster members to store and synchronize identity data.
3. (Optional) Enable Extended Info Storage for Debugging
If you need to store extended identity information for debugging, you can enable it with:
pep extended_info_storage enable
- To disable, use pep extended_info_storage disable.
4. Important Notes
- Always configure both (all) cluster members identically.
- For VSX environments, run the commands in the context of the relevant Virtual System (using vsenv <VSID>).
- For Maestro or Chassis platforms, run the commands in Expert mode on the relevant Security Group.