Multiple ACLs for VPN community Check Point


There is 1 caveat: LDAP traffic is dropped when the remote GW is trying to authenticate the user with the central AD server, as it is not encrypted; this needs to be excluded from the f file on secondary connect enabled has been the default setting since it was added to the client a long time ago.


On top of the extra load on the internet line of the US site, the latency for the user is far too high. Adding all gateways to the RA community solves all these issues. In your version, a user located at home in Brazil who wants to access his files in their Brazil office would need to connect to the US office and go through a VPN to Brazil to access the file, which is then sent through a VPN to the US and from there to the user.


Double-click the Security Gateway object. From the left navigation panel, click Gateways & Servers. You configure the settings in SmartConsole. Their challenge was an office in Brazil with a local server and one main site in the US, one in Europe and one in China. By the way, if you look in the demo dashboard, you can see the same settings. Well, your setup with 3 different ADs is a bit different, but I have 2 customers running with this setup, one with sites all over the world, with 3 sites connected with MPLS but all other sites with only a VPN connection.
