Operational Defect Database
BugZero found this defect 4457 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3YMSAY
Mobile VPN with SSL user cannot access some remote networks through active/active FireCluster
Last update date:
6/23/2016
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.1.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
Fixed releases:
All
Description:
Issue
This issue applies to Mobile VPN users who try to connect to resources at the other end of a branch office VPN that terminates on an active/active FireCluster.In an active/active FireCluster, the FireCluster master receives and processes Phase 1 of the BOVPN session, then delegates Phase 2 negotiation to itself or the backup Master, depending on bandwidth and available resources. In an active/active FireCluster, the FireCluster master handles and processes all Mobile VPN with SSL connections.When a Mobile VPN with SSL user tries to access a network resource and the BOVPN Phase 2 negotiation is being handled by the backup master in an active/active FireCluster, the network connection can fail.
Workaround/Solution
None
