We have a cluster of 2 Juniper SSL gateways. Recently we've having issues with the primary one and had to reboot it. After the reboot it came up but did not took over active role. I assume failover is done via the failover VIP button I can see in the Clustering/cluster status window.
I have to be sure on two things before initiate it though, so I hope you can help me with that.
1. Do I need to do it from currently active(leader) or currently "enabled"unit. 2. Is this a seamless procedure, i.e. what will happen with the users already connected to the leader unit, which I want to make standby, or "enabled"
Regarding the seamless experience: From an end-user experience standpoint the failover itself is seamless, however note that the actual network connections between the client and backend applications will need to be re-established and some applications (like outlook) deal well with such network level blips but some application that rely on persistent connections or dont have good auto-reconnect functionality will not deal well.
So strongly recommend doing this during maintenance window.