Starting from Jumbo Hotfix Accumulator for R81 Take_34, Scalable Platforms are aligned with the following standard Security Gateway features:
- VPN Tunnel Interface (VTI)
- Route Based VPN
- Enable BGP and OSPF Dynamic Routing Protocols on VTIs
- Tunnel Management - Permanent Tunnels
- Tunnel Testing for Permanent Tunnels
- Dead Peer Detection (DPD)
- Link Selection
- Service Based Link Selection (sk56384)
- IP Selection by Remote Peer
- High Availability
- Load Sharing
- Outgoing Route Selection
- Back-to-back tunnels (hub and spokes)
- Maestro as a Center in a Star community - Satellite peers can communicate with each other through the Center
- Client-to-Site Traffic over a Site-to-Site VPN Tunnel (Client > Maestro > Peer > resource)
- Client to Site to Client through a Maestro Gateway (Client > Maestro > Client)
- VPN local connections originated from Maestro SGMs
- Initiate a connection from an SGM if the connection's destination requires encryption
- Identity Awareness via VPN - The Identity Source (users database) can be located across a VPN tunnel (especially in the cloud).
Note that due to major design changes, an upgrade from Jumbo Hotfix Accumulator for R81 (lower than Take_34) to Jumbo Hotfix Accumulator for R81 (Take_34 and higher) requires a maintenance window, because VPN traffic impact is expected.
Note that all SGMs should run on Jumbo Hotfix Accumulator for R81 Take_34 and higher (running with incompatible versions can cause VPN traffic impact).
|
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
|
