cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

Multiple global protect portals and gateway

L1 Bithead

Hello, 

we have 2 palo 850 with 2 isp:

primary 1.1.1.1/28 

backup  2.2.2.2/28

most of the zones navigate with the primary and few with the backup

We have a failover to the backup in case the primary isp goes down.

We have globalprotect portal and gateway with a loopback interface all on the primary (1.1.1.5/32)  vpn.domain.it

This days we are all smartworking because of the global pandemie ,conected via the global protect client .

Our concern is that if the primary isp goes down we have to suspend our smartworking because we can not connect anymore .I read the discussions and documentation on multiple isp globalprotect configuration faillover and all talk about configuring 2 VR and i must say that they are too complicated for my level of knowledge and i don't want to mess up the actual working configuration. 

In order to solve the problem i tryed to clone the portal gateway and loopback on the backup isp(2.2.2.5/32)vpn2.domain.it, but it doesn't work. I see the requests in allow but aged-out. Where am i wrong? Is it possible to have a seccond globalprotect vpn gateway?

 

 

Who Me Too'd this topic