[topher]

Today a remote user’s cert expired.
I revoked the cert extended the expiration date and initiated a new cert. i saved the policy (not push) and relayed the registration key via phone to the local tech. the new cert was generated successfully, & they where able to login to HQ, but when the user tried to RDP to a remote office they received notification there login had expired.
Do i need to open the policy on each remote fw cluster and save/push the policy or will all vpn user credentials get re-synced across all fw's?