cancel
Showing results for 
Search instead for 
Did you mean: 

Juniper SSL gateway failover.

Highlighted
Not applicable

Juniper SSL gateway failover.

Hello everyone,

We have a cluster of 2 Juniper SSL gateways. Recently we've having issues with the primary one and had to reboot it.
After the reboot it came up but did not took over active role. I assume failover is done via the failover VIP button I can see in the Clustering/cluster status window.

I have to be sure on two things before initiate it though, so I hope you can help me with that.

1. Do I need to do it from currently active(leader) or currently "enabled"unit.
2. Is this a seamless procedure, i.e. what will happen with the users already connected to the leader unit, which I want to make standby, or "enabled"

Many thanks.
2 REPLIES 2
Highlighted
Not applicable

Re: Juniper SSL gateway failover.

Hi,

If you want to do a manual failover, it must be done from the active. If both nodes are fully synchronized, there is no impact on the network.

I would suggest to do it from a maintenance window.

Hope it helps.
Pulser

Re: Juniper SSL gateway failover.

Regarding the seamless experience: From an end-user experience standpoint the failover itself is seamless, however note that the actual network connections between the client and backend applications will need to be re-established and some applications (like outlook) deal well with such network level blips but some application that rely on persistent connections or dont have good auto-reconnect functionality will not deal well.

So strongly recommend doing this during maintenance window.