No Office Mode - Secondary Tunnel Resilience
This release gives No Office Mode functionality for improved ATM connectivity.
New features:
-
No Office Mode for Endpoint Security VPN for ATMs. Endpoint Security VPN does not require gateway Office Mode configuration and connects to the Security Gateway without an Office Mode IP address.
Important - If you change the client back to the regular mode after the No Office Mode client was installed, you must install the client again.
-
Interoperability between No Office Mode and Secondary Tunnel Resilience. If Secondary Connect is enabled (two tunnels: primary active and secondary backup) and office mode is disabled, the secondary tunnel continues to work if the primary tunnel disconnects. The client automatically uses the updated topology the next time it connects to the Security Gateway.
Secondary Tunnel Resilience
Terminology:
-
Primary Gateway
The Security Gateway responsible for client configuration.
-
Secondary Gateway
The second Security Gateway in a tunnel.
-
Default Gateway
The Security Gateway chosen as first to connect.
-
Roaming
A feature that detects tunnel disconnection status and tries to reconnect it.
How Secondary Tunnel Resilience Works
|
Connection State |
If Tunnel is Disconnected From: |
Roaming Tries to: |
|---|---|---|
|
Tunnel to Primary Gateway (A) is connected |
Primary Gateway (A) |
Reconnect the tunnel. |
|
Primary Gateway (A) and Secondary Gateway (B) are connected |
Primary Gateway (A) |
Reconnect the tunnel to the Primary Gateway (A). If roaming timeout is reached, the tunnel to the Primary Gateway (A) is disconnected. The Secondary Gateway (B) stays connected and is defined as the Primary Gateway. The tunnel to Gateway (A) is connected again with the encryption domain resource access, as Secondary Tunnel. |
|
Primary Gateway and Secondary Gateway are connected |
Secondary Gateway (B) |
Reconnect the tunnel. |