Hi!
I am working on this setup and would like to know what other peoples experience is with this setup.
All users will connect to their respective Primary Servers. When a Primary Server fails, the AnyConnect Client will automatically connect them to the Backup Server. Credentials will be required from the user to complete authentication to the Backup Server.
Reference -> https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance/AnyConnect_Failover_an...
The issue I have with this is, while I can connect to the backup server listed in the profile after about 1-2 minutes, this doesn't happen automatically. The client receives an administrator reset message and then has to click to connect.
My question is..
What is your experience in terms of the above expected behavior?
Solved! Go to solution.
I suspect it is not being detected as a failure - but as a planned disconnect. Simply shutting down a VMX will cause a planned disconnect and the client is not likely to failover.
How are you creating the test failover case?
Another option you could consider using is OGS (Optimal Gateway Selection). This causes AnyConnect to use the fastest responding VPN terminator to the user.
This is an option you can configure in the AnyConnect profile. You can also configure a backup server for each of the servers configured as well.
I suspect it is not being detected as a failure - but as a planned disconnect. Simply shutting down a VMX will cause a planned disconnect and the client is not likely to failover.
How are you creating the test failover case?
Another option you could consider using is OGS (Optimal Gateway Selection). This causes AnyConnect to use the fastest responding VPN terminator to the user.
This is an option you can configure in the AnyConnect profile. You can also configure a backup server for each of the servers configured as well.
I was shutting the VM down or rebooting it from within Meraki Tools. How can I test failover then?
I like the OGS feature you mentioned, however part of this is that we want to distribute users more evenly until Azure gets a vMX large and we can overcome the Medium session limitations.
>I was shutting the VM down or rebooting it from within Meraki Tools. How can I test failover then?
Create a firewall rule to block the traffic, or power off (not shutdown) the VM.
Just to confirm - Hit the STOP button in Azure?
That's how I was testing.