This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Add existing UTM to SUM

Scenario:

  • 4 SG310s in total, 2 pre-existing and 2 newly acquired
  • Existing SG310 active/passive pair (Internet gateway: utm-inet)
  • No central management (yet)
  • Features in use on utm-inet: firewall, NAT, web proxy, application control, WAF, OpenVPN, SMTP proxy, ...
  • Freshly installed SUM
  • Freshly installed SG310 active/passive pair (internal-to-internal "east-west" traffic: utm-ew)
  • SUM and utm-ew integrated

I have set up SUM with our new east-west firewalls, which works fine. However I am concerned that integrating our existing UTMs (utm-inet) with the SUM might break things.

For example, I saw that the SUM has its own "VPN CA". What happens if the existing UTM gets integrated into the SUM? Will the SUM's VPN CA take precedence over the UTM's VPN CA? What happens with our existing VPN users (and their certificates), will they be rendered invalid?



This thread was automatically locked due to age.