Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Gateway Redundancy & VPN Load Balancing

Currently, there are 10 remote branches connecting to the HQ pix515e firewall (Site-to-site VPN).

Due to ISP's issues, our customer is planning to install 2nd unit of pix515 at HQ (to different ISP) for redundancy purpose.

1) We are trying to figure out how to provide gateway redundancy solution to our client. There's no internal routers to provide HSRP. The current default gateway is the primary pix's internal interface. Do you have any suggestions? I checked the data sheet, VRRP is not introduced into pix yet. IRDP? Maybe not.

2) In order to load balance the vpn connections at HQ. We will redirect 5 branches to connect to the 1st pix and the other 5 branches to point to the 2nd pix. And if one of the pix is down at hq, the remote vpn firewall will point to the secondary pix.

Do you foresee any issues?

Thank you.


Re: Gateway Redundancy & VPN Load Balancing

The PIX support page has a number of cofiguration example for deploying IPSec. Hope that helps.

CreatePlease to create content