Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

firewall load balancing without layer 4 switch

We want to firewall load balancing.

Firewall LB can be possible, without placing the layer4 switch the front of and the back of firewall?

If so, how can it be possible?

Probably, is that why two firewalls exchange nat table information (packet session information)through the direct synchronization link?

4 REPLIES

Re: firewall load balancing without layer 4 switch

Hello Joong

Which firewalls are these ?? PIX or ASA?? V 6.3 or 7.x ?? with Version 7.x you have the multiple context licenses available to do active active on the firewalls.. it can still be called as load-sharing and not load-balancing... Do you want the traffic going to the firewalls, load balance to both the devices or is it something else?? if yes, then A/A firewalling is one solution !!!!

Hope this helps.. all the best.

Raj

New Member

Re: firewall load balancing without layer 4 switch

Thanks.

I would like to confirm the topology, active-active firewalling without LAYER 4 SWITCH.

PIX with version 7 enables active-active firewall loadsharing ? If so, what protocol is used for this load-sharing? VRRP or proprietary HA(High availability) protocol?

Re: firewall load balancing without layer 4 switch

Hello Joong,

The firewalls basically use the standard High availability protocol... You will basically allocate networks to multiple contexts and use the secondary unit also for some of the network traffic !!! you can on a whole, think this as M-HSRP feature on routers !!!!

For more info on Active/Active failover use the following resource:

http://cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008045247e.html#wp1052847

There is also a very good training resource on this. see if you can access this:

http://www.cisco.com/web/learning/le31/le29/configuring_asa_pix_security_appliances.html

Hope this helps.. all the best.. rate replies if found useful..

RAj

Re: firewall load balancing without layer 4 switch

Hello Joong,

Do you need any other assistance with this post ? Do let us know.

Raj

244
Views
0
Helpful
4
Replies
CreatePlease login to create content