Automatic configuration synchronization (Config Sync) with the LANCOM VPN High Availability Clustering XL option

Example application, VPN:

VPN infrastructures have been a part of corporate networks for a long time now. The demands on the availability of VPN gateways have increased sharply in recent years. Whereas VPN solutions in professional scenarios were mainly temporary in the past, e.g. for sales representatives with VPN clients, these days home or branch offices are often permanently linked to the main office via a VPN tunnel. They support voice services (VoIP), database applications, or file services, for example. With increasing dependence on VoIP services or critical business applications, the need for reliable backup and high-availability of the VPN solution has increased.

In order for VPN services in larger-scale critical network infrastructures to remain highly available, it is advisable that you operate one or more backup VPN gateways in addition to the primary VPN gateway. In this case, the failure or downtime of a central-site VPN gateway causes another device to operate as a backup. The VPN connection is automatically established via the accessible backup central-site VPN gateway.

For this purpose the backup central-site VPN gateway needs to have the same configuration as the primary central-site VPN gateway. In particular VPN user data and the firewall configuration must be present on both devices in order for a user to be authenticated and the services to be provided correctly. This requires a manual setup of each individual device—in other words, a huge amount of work for the administrator.

New with the LANCOM VPN High Availability Clustering XL option: This option allows multiple central-site VPN gateways to be grouped into a cluster. In this way, configuration changes, features and enhancements made on one central-site VPN gateway are automatically transferred between the cluster devices, without having to make manual changes on each individual device. Common parameters in a cluster (e.g. VPN user database, firewall) remain synchronized, individual parameters (such as the IP address) are not exchanged.

The prerequisites for a device to be a valid member of a cluster are:

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo