Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

configuring load balance and active active

Hi,

My client has purchased two 2951 router and two ASA 5510. He has taken 10mbps two link of different ISP.

His requirement is to use both the links simultaneously. His requirement is to loadbalance two links and ASA is to be configured Active/Active.

Kindly help me in getting configuration of the above scenario.

Regards

Suresh Kumar

Everyone's tags (1)
3 REPLIES

Re: configuring load balance and active active

Hi,

You can configure the pair of ASAs in A/A failover as long as you have it configured with security contexts. This means than 1 ASA is going to be the active unit for one or more contexts and the other ASA is going to be the active unit for the other contexts (while each other act as a secondary unit for the corresponding contexts of the other active unit).

This link shows the information regarding A/A failover:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_active_active.html

Let me know if you have any questions, because having the ASAs configured in multi-mode has some restrictions.

Federico.

New Member

Re: configuring load balance and active active

Hi,

I have configured glbp on both the routers(2951) for load balancing two different isps with different dns, also configured active/standby on asa 5510.

Now i am facing problem, some users were able to browse internet and others were unable to browse. Also some users disconnected from the internet in between.

Note: We are using seperate DHCP servere inside lan.

Option-2: Also we removed glbp, and applied two dynamic routes  for both the routers in asa, but still we are facing the same problem as above.

Can someone help me on solving this problem.

Regards

Suresh

Re: configuring load balance and active active

This thread may help:

https://supportforums.cisco.com/thread/345692;jsessionid=CB534B02F412845A6F6CCCFE76EDAC5D.node0

One possibility mentioned  is to configure a security context for each ISP on the ASA and associate half of the VLANs to one context and half to the other.

Do the ISP's support BGP? If so this thread also discusses using it to load balance traffic.

477
Views
0
Helpful
3
Replies
CreatePlease to create content