firewall active-active

Answered Question
Apr 20th, 2010
User Badges:

I am trying to understand why ASA firewall doesnt do loadbalancing or loadsharing in normal active-standby mode.

why does it need to be in context mode to be run as an active-active firewall.


Appreciate all your help!

Correct Answer by Jon Marshall about 6 years 11 months ago

suthomas1 wrote:


I am trying to understand why ASA firewall doesnt do loadbalancing or loadsharing in normal active-standby mode.

why does it need to be in context mode to be run as an active-active firewall.


Appreciate all your help!


It's important to understand that within each context one firewall is active and one firewall is standby. So if you had 2 contexts - C1 and C2


fw1 is active for C1 and standby for C2

fw2 is active for C2 and standby for C1


note fw1 & fw2 cannot both be active for the same context.


So in an active/standby mode with only one context you cannot do load-balancing because only one of the firewalls can be active per context.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Tue, 04/20/2010 - 09:18
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

suthomas1 wrote:


I am trying to understand why ASA firewall doesnt do loadbalancing or loadsharing in normal active-standby mode.

why does it need to be in context mode to be run as an active-active firewall.


Appreciate all your help!


It's important to understand that within each context one firewall is active and one firewall is standby. So if you had 2 contexts - C1 and C2


fw1 is active for C1 and standby for C2

fw2 is active for C2 and standby for C1


note fw1 & fw2 cannot both be active for the same context.


So in an active/standby mode with only one context you cannot do load-balancing because only one of the firewalls can be active per context.


Jon

Actions

This Discussion