Manual MEP

For Manual MEP, the gateways do not have to belong to the same VPN domain. Configure the TTM file of each Security Gateway.

To configure the gateways for MEP:

1. Edit the $FWDIR/conf/trac_client_1.ttm file on the Management Server.

2. Search for the enable_gw_resolving attribute:

   Copy

   :enable_gw_resolving (
       :gateway (
           :default (true)
       )
   )

3. Make sure the attribute's default value is true.

4. Search for the automatic_mep_topology attribute, and make sure its value is false.

5. Manually add the mep_mode attribute with the required value:

   Copy

   :mep_mode (
       :gateway (
           :default (VALUE)
       )
   )

   Where VALUE is one of these:

   • first_to_respond

   • primary_backup

   • load_sharing

   • dns_based - Use this to configure Configuring Geo Cluster DNS Name Resolution.

6. Manually add the ips_of_gws_in_mep attribute with the required IP addresses:

   Copy

   :ips_of_gws_in_mep (
       :gateway (
           :default (<IP_Address_1>&#<IP_Address_2>&#...<IP_Address_X>&#)
       )
   )

   These are the IP addresses the client should try.

   • IP addresses are separated by an ampersand and hash symbol (&#)

   • The last IP address from the list must also have the &# characters.

   Example: 192.168.53.220&#192.168.53.133&#

7. Save the file.

8. Install the policy.