newbie question regarding setting up redundancy with ASA5505

Unanswered Question
Oct 2nd, 2007
User Badges:

Hello all.


Me like a lot on here have inherited a network. Currently the client has a pix 501(?) acting as a firewall at 2 seperate locations. They have grown quite a bit and have also grown to depend on their outside link to the world as well. I have set up redundant dsl lines for them and am wantng advice on possible feasability of an idea.


I would like to set up an ASA5505 at their primary location. I would also like to set it up so that if for whatever reason one of their dsl lines fails, the other would pick up without having to manually failover. I am assuming this would be done by some sort of load balancing config which I understand the 5505 can do. I would also like to set up a vpn tunnel between their primary location and the 2ndary location that has the pix. would this work? I have a prelim presentation to the client on Thursday. Would this work or should I look for another solution?


Thanks


Sean B

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Danilo Dy Wed, 10/03/2007 - 06:08
User Badges:
  • Blue, 1500 points or more

Hi,


I don't think ASA5505 support Load Balancing. It does Firewall Failover in active/standby mode using Security Plus license (not the Base License). ASA5520 and above does support Firewall Failover in both active/standby and active/active mode and VPN Load Balancing using Base License.


http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/specs.pdf


Regards,

Dandy

Actions

This Discussion