Create a Post
Showing results for 
Search instead for 
Did you mean: 

Management of Remotely Located Firewalls that Use ISP Redundancy

Howdy experts. I have a customer that is going to be running a gateway at a remote site. Management and one gateway will be in one site, with a second gateway in another location. Both gateways will be using Primary/Backup ISP redundancy. 

I'm struggling to find the best way to manage the gateway at the remote site. In the past, I've managed the gateway through either a VPN connection between the primary site gateway and the secondary site gateway or, if a VPN is not in the equation, just through the internet facing interface of the gateway.  By "manage" I mean management server to gateway, not WebUI or SSH.

Since the gateway will basically have two IP addresses that are internet facing, should I manage the gateway from the external interfaces or should I manage it through a VPN to the IP on the internal side of the firewall? Is there a prevailing best practice here? 

Also, can a management appliance manage gateways through different interfaces, for example, one gateway is reachable from management through the MGMT interface while the other is reachable through the Eth1-01?


0 Kudos
1 Reply

The answer is yes, you can use dual home management server to talk to the GWs. Mind MGMT to GW routing though.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events