Video Screencast Help

How to configure PGP Desktop comunication with two and more PGP Universal Servers

Created: 17 Oct 2012 | 6 comments

Hi people,

I have this scenario two universal server in cluster, when the first universal server is down the clients PGP Desktop lose communication.

I need how to configuration this PGP Desktop for two and more universal server this scenario used netshare.


Comments 6 CommentsJump to latest comment

Sarah Mays's picture

you need a load balancer

A load balancer creates a 'virtual' ip/dns name for all of your clients to point to. the load balancer will handle failover when one of the PGP servers is down. You will need to specify the VIP PGP dns name when exporting clients from the real PGP universal server. 

Page 37 and of the admin guide explain how to name a PGP universal server behind a load balancer,

Alex_CST's picture

Either a hardware load balancer or if you dont have the option for that you could use round robin DNS, but this is more flakey.

Please mark posts as solutions if they solve your problem!

Ronaldo.Santos's picture


I don´t have balancer.

These servers are on the same LAN networking the machines. 

The pgp desktop client should be equal to the sep.

The client has a file of sep sylink.xml to communicate with both servers without the need for a load balancer.

Not all customers have a load balancer and also because sometimes the cost is too high.

This material course do PGP explain more less about cluster using ROUND ROBIN.


Sarah Mays's picture

load balancer or round robin DNS is required to do proper clustering with the current version of PGP universal server.

I suggest you talk with PGP sales/product manager/tech support about submitting a feature request.. maybe it's already on the roadmap?

mwoj's picture

This sounds like a valid request, as other Endpoint-Software (including Symantec) does have the option to specify more than one Managment Server to contact, in case one of them is not available. I had serveral customer asking for this, because they don't have a loadbalancer, and RR-DNS does not give failover.