VSX - Remote access on multiple VS

Question asked by Alex Gilis on Oct 16, 2018
OK so a customer is having this scenario:


Due to a merger, we have configured one new virtual firewall (vfw-xyz) that will also be used for the sub-company’s suppliers to connect via SSL Network Extender.

We configured SNX on this new firewall (vfw-xyz) and added it to the Remote Access community (so now the OLD VPN firewall (vfw-abc) and the new firewall (vfw-xyz) are part of the 1 default Remote Access community). A few days later we noticed that remote access on the OLD firewall (vfw-abc) stopped working. We removed the new one (vfw-xyz) from this community and now remote access works on BOTH gateways.


So here are our questions:

1) Is this behavior expected? In other words: can only 1 GW be used in the Remote access community?

2) How come remote access now works on the 2 GWs even though only one of them is a member of the Remote Access community?


We thought of editing the MEP file, but it was confirmed by TAC that on VSX, there is only one that is shared by all systems. It's a specific case I never encountered before; I wondered if the community had experience in this?