03-13-2010 09:39 PM
I have few questions related to design of a SSL VPN solution using ASA. I have four data centers - Chicago, New York, London,and Hong Kong.Design should be such that user should automatically connects to the nearest data center depending upon his/her location. So, if a user is in America, it should connect to New York Data center and if user is in China it should connect to Hong Kong. Also, Chicago is to be used as backup for other three data centers, ie if a user in China is unable to connect to Hong Kong it should automatically fail back to Chicago. What Options would you suggest and is this even possible? I am thinking of ACE and Global site selectors but not exactly sure. Your help is appreciated.
Thanks,
PJ
03-14-2010 08:37 AM
PJ,
if you are referring to SSL client (Anyconnect), then version 2.5 will have a new feature "Optimal Gateway Selection". This version is expected 'soon'.
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-527494.html
If you mean clientless webvpn, then I guess you'll indeed need to use an external load balancer. To be honest I have no idea how those work so you may want to ask more info in the Data Center forum.
hth
Herbert
03-14-2010 06:58 PM
I am looking for both client (Anyconnect) and clientless solution. If Optimal Gateway Selection feature is not included in version 2.4 of the client what are other options to achieve this?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: