Hi All, We have been experiencing some odd behavior with our Global Protect Client VPN and I wanted to better understand what our design should look like and if we had conflict somewhere. Our organisation currently uses Azure Traffic Manager to distribute requests for vpn.organisation.com to geographically separated Palo Alto Gateways (based on a priority setting in azure rather than geo). We have 3 external gateways configured: External Gateway 1 - europe-vpn.organisation.com External Gateway 2 - australia1-vpn.organisation.com External Gateway 3 - australia2-vpn.organisation.com I have been investigating the each of the 3 external gateways configuration and noticed the following: GlobalProtect Portal Configuration --> Agent --> Configs Each site appears to have 2 x external gateways configured, for example: External Gateway 1 europe-vpn.organisation.com vpn.organisation.com External Gateway 2 australia1-vpn.organisation.com vpn.organisation.com External Gateway 3 australia2-vpn.organisation.com vpn.organisation.com Ultimately my question is as follows: Will using Azure Traffic Manager along with each External gateway having the configuration as described above, cause a conflict in the way that the gateways operate? I suspect that the individual external gateways 1/2/3 are using their own selection criteria and conflicting with what Azure Traffic Manager is doing. From some positive testing results, it looks like the external gateways 1/2/3 only need to have themselves configured so that the Azure Traffic Manager can do what it's supposed to do. Thanks in advance for any advice, if I haven't explained clearly enough, please let me know.
... View more