12-06-2022 08:46 AM
Hello, we have a pair of FTDs between an on-prem data center and Azure and would like to use DNS round-robin to load balance the client VPN connections between the pair of FTDs. The DNS name obviously would have 1 single A record pointing vpn.domain.com to 2 different FTDs' outside interfaces. The tricky part is that we use Okta for SAML authentication and the FTDs are configured to use "VPN client embedded browser." I have spoken to Okta, but they aren't clear whether this would work since I need to configure 2 different FTDs with the same DNS name in Okta's SAML config. In that case, does Okta return responses back to the correct FTD?
Please advise, thank you.