03-01-2007 04:25 AM - edited 02-21-2020 01:25 AM
Can anyone help me , I have a problem I need to connect two ASAs with Active-active and I have three routers for three ISPs , How can I achieve the Gateway redundancy and Load Balancing.
and can I use private range from router to ASA.
Other Question is do I really need host based proxy server to acces internet.
Plz help me/
Regards
Solved! Go to Solution.
03-02-2007 12:00 PM
A solution is to use the GLBP protocol on routers (OSPF in not available in A/A ...).
"GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets."
glbp group load-balancing [host-dependent | round-robin | weighted]
(see the cisco IOS feature navigator for IOS and hardware avail.) .
http://www.cisco.com/en/US/products/ps6550/products_white_paper09186a00801541c8.shtml
HTH.
Roberto
03-02-2007 12:00 PM
A solution is to use the GLBP protocol on routers (OSPF in not available in A/A ...).
"GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets."
glbp group load-balancing [host-dependent | round-robin | weighted]
(see the cisco IOS feature navigator for IOS and hardware avail.) .
http://www.cisco.com/en/US/products/ps6550/products_white_paper09186a00801541c8.shtml
HTH.
Roberto
03-03-2007 12:44 AM
HI first of all i would like to thank to you for
such a great response,
I have a doubt again . As I know for Glbp to work you should have same subnet in your internal link of routers and ASAs , can I use private range and do the natting on ASA. As we have three ISPs with different range .
can you give me a link for A/A failover and for such type of scenarios. or document something.
It would be a great .
take care
Regards
03-03-2007 07:09 AM
Have you consider to use public IP addr. on the inside interfaces (the interfaces vs the ASA outside) of your rotuers on the same subnet?
If you have routers A, B and C (and you have enough numbers of public ip addr.) you can use the public IP subnet of A also on the eth interface of B and C and configure the GLBP on this subnet.
Active/Active Failover for ASA 5500
http://www.cisco.com/E-Learning/bulk/public/celc/Cisco_QLM6_ASA_beta/course_skin.html
Online Learning Modules
http://www.cisco.com/en/US/products/ps6120/tsd_products_support_online_learning_modules_list.html
Configuration Examples and TechNotes
http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html
Regards.
03-04-2007 07:45 PM
Thanks a lot , I got my answers.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide