- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-26-2021 05:57 AM
whether GP portal (containing Multiple GP Gateways) can automate enforcement of GP Gateways in the event when primary GP Gateway gets down due to any undesired reason.
If the failover between gateways is automatic; without users noticing that they have been disconnected and re-connected to the other gateway >
08-31-2021 08:18 AM
You can generate cookies from the portal login, you can then allow gateways to accept the cookies for authentication. It is called authentication override. We use it for one time passcodes. Works great... I would suggest that you do not accept cookies auth on portal and tick box portal as per my below...
08-28-2021 12:06 AM
No this is not possible. The user may not notice if they are just browsing or using a local app but if they are using for example .. video streaming or RDP then they will be disrupted.
GP will retry the current gateway a number of times before trying another gateway. This process time can be reduced in the GP portal config settings. This may speed the process up but be careful not to force GP refresh for slight network glitches.
08-29-2021 09:05 PM
Thanks MickBall. Please check below concern,
When GP portal has multiple Gateways, if Gateway with highest priority gets down and its not coming up, then Gateway with less priority with respect to highest one will address/assess all GP clients traffic. So, while this happen , whether users have to enter their credentials again in their GP client Application to get authenticated in order keep using GP ssl-vpn ? ( While 2nd Gateway with less priority with respect to highest one takes over, does it remain transparent to end users ? While this failover happens whether GP portal/GP client application asks/forces users to authenticate again for continuing to use GP ssl-vpn ?
For GP end users , how we can have auto failover between multiple gateways in above scenario so that users do not have to authenticate again or users need not to put their GP credentials in their GP client application in continuation to use GP ssl-vpn ?
Thanks in advance !!
Shiva Vaishya
08-31-2021 08:18 AM
You can generate cookies from the portal login, you can then allow gateways to accept the cookies for authentication. It is called authentication override. We use it for one time passcodes. Works great... I would suggest that you do not accept cookies auth on portal and tick box portal as per my below...
08-31-2021 08:44 AM
Hi Mickball,
Thanks for response!!
Since its not safe to enable cookies auth override for my requirement, Is their any other Safe way to fulfill this requirement where GP end users do not have to authenticate themselves when they are connected a GP portal which contains multiple GP Gateways and when their is failover from primary Gateway next reachable Gateway for redundancy purpose ?
08-31-2021 09:20 AM
I cannot understand your reasoning with cookies... another option would be to save user credentials but that would not be advisable, thats why theyboffer cookies.
another option would be to use certificate authentication to the gateways. Either use a domain issued cert or self signed.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!