You could use multi-path selection of OSPF to create inbound and outbound statistical load-balancing. However, it will take some trickery to make sure that an inboud session is fowarded back out through the same Pix that in came in and vice versa. This is necessary because the Pix must maintain information about the session for it to pass through, which means all packets of a session must traverse the same Pix.
This can be accomplished using a device in front of and behind the Pixs such as a load-balancing switch or a Cisco router using SLB. There is an SLB feature designed explicitly for load balancing firewalls through maintaining "sticky" sessions. This can also be accomplished with source-NAT so that the routers "know" which Pix to send the traffic back through.
This sort of configuration works with or without OSPF. Multi-path OSPF selection on the Pix is meant to take advantage of multiple inside and outside network Path--not parrallel Pixs.
1) Statistical load-balancing refers to the fact that truly even load balancing will not occur. Rather, you'll get a distribution limited by the statistics of the method. For example, destination based load-balancing occuring via CEF will not result in 50% usage on both paths. A session across one path my consume all bandwidth while another session sent across the other path will only be a single UDP packet. The types of sessions and the destinations determine the amount of "load-balancing". It is an especially important distinction if most of the traffic is to the same destination
2) The Pix could choose to send outbound traffic over multiple paths. You don't need OSPF for this though. Multiple default routes or something like GLBP would accomplish this.
Your original question was about load balancing an array of Pixs. Both of these questions are really in reference to a single Pix distributing its load across multiple routers and/or their links. Which are you inquiring about?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :