- CheckMates
- :
- Products
- :
- Quantum
- :
- Remote Access VPN
- :
- Network Location Awareness and MEP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Network Location Awareness and MEP
Will the network location awareness setting "Interface-topology-based" work for any internal interface of any gateway in the remote access vpn community?
For example, lets say there are 2 GWs:
GW A is in the HQ in NY
GW B in a branch office somewhere else
GWs A and B are both in the remote access vpn community and the network location awareness setting "Interface-topology-based" is used. A user in the branch office has the endpoint security vpn client (with "auto-connect" enabled ) installed. Will his client establish a vpn tunnel to GW A through GW B?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Benedikt_Weissl,
Multiple Entry Point (MEP) is a feature that provides a High Availability and Load Sharing solution for VPN connections. A Security Gateway on which the VPN module is installed provides a single point of entry to the internal network. It is the Security Gateway that makes the internal network "available" to remote machines. If a Security Gateway should become unavailable, the internal network too, is no longer available. A MEP environment has two or more Security Gateways both protecting and enabling access to the same VPN domain, providing peer Security Gateways with uninterrupted access.
You can use the following MEP selection methods for explicite MEP:
- first to respond > The first Security Gateway to reply to the peer Security Gateway is chosen.
- VPN domain > If the destination IP address belongs to a particular VPN domain,
the Security Gateway of that domain becomes the chosen entry point.
- random selection > The remote peer randomly selects a Security Gateway, with which to open a VPN connection.
- manually set priority list > Priorities of Security Gateways can be set manually for the entire VPN community,
or for individual satellite Security Gateways.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Benedikt_Weissl,
Multiple Entry Point (MEP) is a feature that provides a High Availability and Load Sharing solution for VPN connections. A Security Gateway on which the VPN module is installed provides a single point of entry to the internal network. It is the Security Gateway that makes the internal network "available" to remote machines. If a Security Gateway should become unavailable, the internal network too, is no longer available. A MEP environment has two or more Security Gateways both protecting and enabling access to the same VPN domain, providing peer Security Gateways with uninterrupted access.
You can use the following MEP selection methods for explicite MEP:
- first to respond > The first Security Gateway to reply to the peer Security Gateway is chosen.
- VPN domain > If the destination IP address belongs to a particular VPN domain,
the Security Gateway of that domain becomes the chosen entry point.
- random selection > The remote peer randomly selects a Security Gateway, with which to open a VPN connection.
- manually set priority list > Priorities of Security Gateways can be set manually for the entire VPN community,
or for individual satellite Security Gateways.
