Hi, I have a scenario: my MDS and CMA are in Site A and the CP Gateway is in Site B.
The CP Gateway in B is the perimeter firewall (cluster), and VPN is configured on this gateway to connect from site A to B.
A and B are connected over VPN (Internet). There are multiple VPNs from A to B using multiple ISPs.
As long as the VPNs are up and running, I guess everything is fine.
However, if the primary VPN fails, I want VPN 2 to come up without intervention.
As per my knowledge, to bring another tunnel up, the CP gateway needs connectivity to the CP-SMS (I guess for the CRL check), which in this scenario won't be possible.
How can I achieve this and still be able to manage the CP-gateway in B using the mgmt server in Site A after the primary VPN fails? (I know installing a local SMS in site B is a solution; however, I thought to check if there is any other option available.)
MGMT is MDS (80.10)
SG is R77.30