Security

Hello,

 

My organization is using VIA to terminate into 7210 Controllers. The profile that we have lists two controllers for redundancy. Currently, I can only connect to the controller that is listed first in the profile.xml file. When I select the alternate controller in Settings > VPN Profile > Server and attempt to reconnect, I get an error code:-8949 Failed to establish a secure session. If I edit the profile.xml file, and place the alternate server above the previous preffered server, then clear the profile, close the VIA application, and restart it with the newly updated profile, it connects to the new preferred controller fine, but again will not connect to the alternate (previously preferred).

 

Has anyone experienced this behavior and know of a solution that will allow me to switch between controllers without editing the profile.xml file or clearing the profile?

 

Some addition information, the VIA client version is 3.2.1.0.101689 and is installed on Windows 10 systems. It is authenticating via RADIUS/Clearpass and user certificates.

Do you have the same firewall rules to allow UDP/4500 that you are using for the primary controller?

Are the VIA connection profiles / VIA pool / VIA user-role also configured on the backup controller ?

Sent from Mail for Windows 10

Yes. Both controllers work fine individually when their IP address is listed first in the profile.xml file. The problem occurs when switching to the second controller IP address in the profile. It doesn't matter which one it is, it fails.