If the gateway has outgoing and incoming connection to the same gateway what are implications of that? Any dangers?
My simplistic understanding now is that only one is needed - either incoming or outgoing connection. Ideally the central gateway should have multiple outgoing connections (which are preferred) so their status can be monitored from one place.
Only one connection (incoming or outgoing) is needed. Once established, bi-directional communication is possible. Attempting to set up both incoming and outgoing connections between two gateways will cause issues and errors.
thanks for reply as i was not sure if its something just to clean or if it is fundamental error to have the connection both as incoming and outgoing. Any idea in which areas it might cause problems?
We've had to make some changes recently to try and prevent some of the issues that can result from having both setup. Fundamentally you should purge the ones you don't want (and be intentional about choosing the initial connection direction).
(and be intentional about choosing the initial connection direction).
Any chance you expand on this please? If there is central gateway i would prefer all connections to be outgoing to monitor them in one place or are there other factors to consider as well?
If there's a NAT in the path, you generally have to have the outgoing connection inside the NAT. Helpful when there are DMZs involved.
The typical first consideration usually involves your network architecture. For example, it may be desirable to manage one open firewall port to a central gateway for other gateways to "reach up to" (i.e. configure the other gateways with an outgoing connection to the central gateway). This is opposed to having multiple open ports at each of the other gateways for the central to connect to (i.e. outgoing from central to other gateways).