We used to configure our pepvpn with bulk configurator, loading a pepvpn profile with the address and ID of the balance. Since we have upgraded to 2.6.2, everytime the config is applied by bulk configurator, the local ID is reset and must be validate on the web ui, so the vpn profiles aren’t loaded.
Is there a workaround to this behavior which prevent a full auto deployment ?
N.B. : As now, we don’t want to use the pepvpn configuration feature of incontrol, unless it’s the only way.
Please DM me your ICA s/n and enable remote assistance. We have a patch which could re-enable the ability to configure PepVPN with the bulk configurator. We could remotely patch it for you.
You need to use the site ids of both the local and remote devices for each link. Generally bulk configuration is hard to use for pepvn configuration outside of some very specific use cases. For the links to work, you’ll additionally have to have the IP addresses of at least one end of each link configured.
that our case, balance in star deployment and max router. Each have the other’s serial number for remote ID, and the Max router have the ip of the balance. we don’t use the local ID in vpn config, but until now, we have indivualize each localID with unique string. To simplify deployment, the model having the string “LocalID”, can we keep it for every Max router without having some kind of conflict ?
We do recommend using the same hardware revision to ensure that all functionally works between the Master and Slave. If you would like to try and setup HA between different hardware versions you can, but this isn’t fully supported.
If you want to establish a connection between two devices (A & B)
For device A: the configuration needs to have Local ID A and Remote ID B
For device B: the configuration needs to have Local ID B and Remote ID A
If you have a preshared key configured, the PSK values must match
For simplicity, consider the LocalID/PSK values as a username/password pair
The LocalID is the username that it will accept on incoming connections
The RemoteID is the username it will use to try to login for outgoing connections.
If you’re configuring the RemoteID’s on the balance to the SN of the Max devices, you will need to configure the localID of the Max devices to be their serial numbers
If you’re using a star topology and are using a balance 1350 as the hub, you can set the 1350 to use ‘aggressive mode’, which will allow multiple logins from the same RemoteID/PSK, and then use bulk configurator to push identical configs to all your Max devices.