Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA active/avtive failover and Load Balance ?

I have four ASA5550 need to set up a cluster of failover also load balance, but I am confused with ASA active/active failover and Load balance? What?s the mean difference?

In active/active mode does that mean the traffic/session pick up the ASA randomly? If like this, I feel this is a sort of load balance already, right?

Looks like load balance does not maintain the session table on all the members, so that means if one member unit is dead all the session on it will be dropped and the users need rebuild the session? If things like this, it is not perfect, right? I do not want users feel any interrupt.

Need help,


New Member

Re: ASA active/avtive failover and Load Balance ?

Active/Active can't load balance. Load Balancing depend on Layer 3 devices. ASA Active/Active simply pass traffic origninating from Layer 3 devices (Routers, Switch).

If one member unit is dead, all session will be replicate to Standby Context (will become Active) on Peer devices, thus users doesn't rebuild the sessions.

New Member

Re: ASA active/avtive failover and Load Balance ?

Thanks for reply.

If I only have one user group access my ASAs, so actually active/active mode is not necessary for me, active/standby is good enought?

Does that mean Active/active is only useful if I have multipul user group access my ASAs?


New Member

Re: ASA active/avtive failover and Load Balance ?

Correct active/standby is for you.

Active/active is a victory for cisco marketing and a hugely misleading moniker.

IMO it is best for service providers that need to give different customers their own firewalls for some reason.

CreatePlease to create content