Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ASA active/avtive failover and Load Balance ?

Unanswered Question
Sep 21st, 2007
User Badges:

I have four ASA5550 need to set up a cluster of failover also load balance, but I am confused with ASA active/active failover and Load balance? What?s the mean difference?

In active/active mode does that mean the traffic/session pick up the ASA randomly? If like this, I feel this is a sort of load balance already, right?

Looks like load balance does not maintain the session table on all the members, so that means if one member unit is dead all the session on it will be dropped and the users need rebuild the session? If things like this, it is not perfect, right? I do not want users feel any interrupt.

Need help,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
chidd Wed, 09/26/2007 - 10:17
User Badges:

Active/Active can't load balance. Load Balancing depend on Layer 3 devices. ASA Active/Active simply pass traffic origninating from Layer 3 devices (Routers, Switch).

If one member unit is dead, all session will be replicate to Standby Context (will become Active) on Peer devices, thus users doesn't rebuild the sessions.

rico_hao40 Wed, 09/26/2007 - 11:17
User Badges:

Thanks for reply.

If I only have one user group access my ASAs, so actually active/active mode is not necessary for me, active/standby is good enought?

Does that mean Active/active is only useful if I have multipul user group access my ASAs?


whisperwind Wed, 09/26/2007 - 11:36
User Badges:

Correct active/standby is for you.

Active/active is a victory for cisco marketing and a hugely misleading moniker.

IMO it is best for service providers that need to give different customers their own firewalls for some reason.


This Discussion