This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who Me Too'd this topic

Multiple global protect portals and gateway

Matteo
L1 Bithead

‎03-17-2020 12:45 PM - edited ‎03-22-2020 03:03 PM

Hello, 

we have 2 palo 850 with 2 isp:

primary 1.1.1.1/28 

backup  2.2.2.2/28

most of the zones navigate with the primary and few with the backup

We have a failover to the backup in case the primary isp goes down.

We have globalprotect portal and gateway with a loopback interface all on the primary (1.1.1.5/32)  vpn.domain.it

This days we are all smartworking because of the global pandemie ,conected via the global protect client .

Our concern is that if the primary isp goes down we have to suspend our smartworking because we can not connect anymore .I read the discussions and documentation on multiple isp globalprotect configuration faillover and all talk about configuring 2 VR and i must say that they are too complicated for my level of knowledge and i don't want to mess up the actual working configuration. 

In order to solve the problem i tryed to clone the portal gateway and loopback on the backup isp(2.2.2.5/32)vpn2.domain.it, but it doesn't work. I see the requests in allow but aged-out. Where am i wrong? Is it possible to have a seccond globalprotect vpn gateway?

 

 

1 person had this problem.
Who Me Too'd this topic
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks