Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1013
Views
0
Helpful
2
Replies

Load Balancing between two ISP Links including VPN Traffic.

nikuhappy2010
Level 1
Level 1

‎09-15-2010 10:52 AM - edited ‎03-11-2019 11:40 AM

Hello Experts:

We have Cisco ASA 5505 being used for our office and there are two ISP links where-on we configured first ISP link as a primary link and second connection for failover but second link is useless as firewall doesn’t support load balancing between the links.

There are around 10 sites are connected through VPN which are configured with primary link. I tried to configure the STS Tunnel on secondary link so that if primary link goes fail then the remote sites which are configured on STS Tunnel to be accessible by second ISP link but we can’t allow the same as well and internet will only work when the primary link goes down.

Now, we are planning to put the other device/appliance so that two bandwidths share the traffic and are fully redundant and I supposed Juniper firewall supports the same, if yes then pls. advice to go with that. I would also ask from experts if there is another alternative solution they would suggest for that.

Regards,

Vinay Gupta

Labels:
0 Helpful
2 Replies 2

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎09-15-2010 05:21 PM

The ASA as you mentioned will not load balance traffic between internet links.

The ASA can do some load balancing if configured in multiple context mode (but it will not support VPN and has other limitations as well).

If you place a router, then the router can load balance the traffic and depending on the IOS can handle the VPNs as well.

Federico.

0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to Federico Coto Fajardo

‎09-15-2010 08:25 PM

As we see this question posted on our forum quite often, I wrote this document that we can refer people to.

https://supportforums.cisco.com/docs/DOC-13015

-KS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card