Hey guys,

Not sure if this is the right board to post this in, but just wanted to see if someone could share some insight into it. I could be wrong when I say this, but Im pretty sure that when failing over a cluster or when one member reboots, that people connected to VPN via remote access should not have any interruptions...well, this is not what I experienced at all when installing latest jumbo hotfix 118 in customers environment.

These are 6000 appliances I believe running R80.40 and I uploaded latest jumbo on backup member, it installed and I saw it started to reboot and that is when I lost my RA vpn connection and when trying to reconnect, it kept saying that I could not get office mode due to license issue (??!!). That does not make any sense, since no license had been changed at all in the last 8 months. Since I had access on external interface, I was able to confirm that backup member came back, at which point I logged into external interface of current active fw, installed jumbo and rebooted.

Even after 10 mins, I could still not connect to vpn, as it kept complaining about same thing in regards to not being able to assign office mode because gateway did not have license, though I saw that fw2 (original backup) came back as master, which was expected, so that clearly shows clustering is working. Literally as I was about to call Account services to confirm the license, vpn was able to reconnect (this took about 20 mins all together at least).

Now, confusing part to me, why would remote access vpn go down during this activity? I had seen many customers do this without any issues at all...I will throw this into the mix, though not sure if it matters...their clustering shows ccp in unicast mode, but I personally dont think that should matter, as VIP would always be tied to whatever member is active.

Any thoughts? I ask because I dont them to go through this experience next time...

Thanks a lot in advance.