1-8
VPN 3002 Hardware Client Getting Started
OL-2854-01
Chapter 1 Understanding the VPN 3002 Hardware Client
Additional Software Features
Be aware of the following characteristics of the backup server feature:
•
If the VPN 3002 cannot connect after trying all backup servers on the list, it does not automatically
retry.
–
In Network Extension mode, the VPN 3002 attempts a new connection after 4 seconds.
–
In Client mode, the VPN 3002 attempts a new connection when the user clicks the Connect Now
button on the Monitoring | System Status screen, or when data passes from the VPN 3002 to the
VPN Concentrator.
•
A VPN 3002 must connect to the primary VPN Concentrator to download a backup server list
configured on the primary VPN Concentrator. If that VPN Concentrator is unavailable, and if the
VPN 3002 has a previously configured backup server list, it can connect to the servers on that list.
•
It can download a backup server list only from the primary VPN Concentrator. The VPN 3002
cannot download a backup server list from a backup server.
•
The VPN Concentrators that you configure as backup servers do not have to be aware of each other.
•
If you change the configuration of backup servers, or delete a backup server during an active session
between a VPN 3002 and a backup server, the session continues without adopting that change. New
settings take effect the next time the VPN 3002 connects to its primary VPN Concentrator.
You can configure the backup server feature from the primary VPN Concentrator or the VPN 3002. From
the VPN Concentrator configure backup servers on either of the Configuration | User Management | Base
Group or Groups | Mode Configuration screens. On the VPN 3002, configure backup servers on the
Configuration | System | Tunneling Protocols | IPSec screen.
The list you configure on the VPN 3002 applies only if the option, Use Client Configured List, is set. To
set this option, go to the IPSec Backup Servers parameter on the Mode Configuration tab of the
Configuration | User Management | Groups | Add/Modify screen of the primary VPN Concentrator to
which the VPN 3002 connects.
Note
The group name, username, and passwords that you configure for the VPN 3002 must be identical
for the primary VPN Concentrator and all backup servers. Also, if you require interactive hardware
client authentication and/or individual user authentication for the VPN 3002 on the primary VPN
Concentrator, be sure to configure it on backup servers as well.