AnsweredAssumed Answered

Identity sharing in a split R77/R80 environment

Question asked by Gary Partner on Nov 12, 2018
Latest reply on Dec 4, 2018 by Dameon Welch-Abernathy

Approximately halfway complete with migration to R80.10 from R77.30.  Have encountered errors related to identity awareness, and what appears to be identity sharing that's failing between gateways running R77.30 vs R80.10.  This is causing one segment of my users to be unable to connect to the Internet.  From what I've found so far it looks to be due to the fact that identity sharing services are not implied between the 2 versions, therefore tcp/15105 and tcp/28581 are blocked by the R80.10 gateways.  We are using the identity collector for the R80.10 gateways, AD Query in R77.30 with a distributed environment with PEPs and PDPs.  Can anyone speak to a recommended workaround until I'm able to migrate the remaining gateways to R80.10? 

Attachments

Outcomes