Hello team,
We have primary VPN site for our VPN clients but we want some of them to use secondary.
Primary site and secondary site is managed by same SMS, they are connected over MPLS.
Primary site is cluster with 5600 and secondary is open server, they all run on latest R81.20 with HF26.
I tried disabling MEP and Secondary Connect but primary site is showing problems. Ill need to remove/add vpn site everytime to work. First time VPN will connect, and second time will immediately drop.
I have read this and pretty much i have same issue.
https://community.checkpoint.com/t5/Remote-Access-VPN/Two-Gateways-Serving-the-Same-Encryption-Domai...
"trac_client_1.ttm" file edited on all GWs, example bellow is from Site1 GW.
)
)
:mep_mode (
:gateway (
:map (
:dns_based (dns_based)
:first_to_respond (first_to_respond)
:primary_backup (primary_backup)
:load_sharing (load_sharing)
:client_decide (client_decide)
)
:default (primary_backup)
)
)
)
)
:ips_of_gws_in_mep (
:gateway (
:default (Site1externalIP1&#Site1externalIP2&#)
)
)
)
)
:automatic_mep_topology (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (false)
)
:default (false)
)
)
)
)
:enable_secondary_connect (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (false)
)
)
Have anyone manage to overcome this problem?
Thx