An Nguyen

VPN Authentication is Not Working on R80.10 Load Sharing Cluster

Discussion created by An Nguyen on Oct 19, 2018
Latest reply on Oct 23, 2018 by Dameon Welch-Abernathy

We have a Load Sharing ClusterXL (Multicast) setup for a while now with IPSec VPN, using OfificeMode IPs.

Previously, when the Cluster (two members active/active so we can utilize both ISP circuits) was running on R77.30 (just a couple weeks ago), everything was working ok.

 

Since the Cluster was upgraded to R80.10, VPN authentication doesn't work when both members are active.

We are using RSA Tokens for VPN authentication. However, using username/password authentication doesn't work either. 

Whichever authentication method we use, VPN authentication fails when both members are active. If we bring down one member (doesn't matter that is member 1 or member 2), VPN authentication works ok, with RSA Tokens and with username and password authentication.

 

It seems to me there is an issue with the Load Sharing ClusterXL R80.10 gateway (management server is running R80.20).

For now, I have to run cpstop on one member for VPN authentication to work.

 

Please advise.


Thanks

Outcomes