Configure Group Settings for VPN Load Balancing
Procedure
Step 1 | Choose . |
Step 2 | Click Edit on the remote access VPN policy that you want to update. |
Step 3 | Click . |
Step 4 | Click the Enable Load balancing between member devices toggle button to enable load balancing. The Edit Group Configuration page opens. Group parameters apply to all devices under the load-balancing group. |
Step 5 | Specify the Group IPv4 Address and Group IPv6 Address as applicable. The IP address that you specify here is for the entire load-balancing group and the director opens this IP address for incoming VPN connections. |
Step 6 | Select the Communication Interface for the load-balancing group. Click Add to add an interface group or security zone. Communication interface is a private interface through which the director and members share information about their load. |
Step 7 | Enter the UDP Port for communication between the director and members in a group. The default port is 9023. |
Step 8 | Enable the IPsec Encryption toggle button to activate IPsec encryption for the communication between the director and members. Enabling the encryption establishes an IPsec tunnel between the director and members using a pre-shared key. When you upgrade or downgrade threat defense devices with the IPsec Encryption option enabled, ensure there is no configuration mismatch between the management center and the threat defense to prevent deployment failures. |
Step 9 | Enter Encryption Key for IPsec encryption and confirm the encryption key. |
Step 10 | Click OK. |