Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Lad balance traffic across a pair of firewalls

I have a redundant firewall pair and want to make use of both paths. How can I succesfully load balance across 2 or more firewalls and still maintain symetry of traffic as to not break state tables. I am more familiar with Route switch than f/w. I know that my f/w pairs dont syncronize state tables.

what do I need to satisfy the requirement?


Re: Lad balance traffic across a pair of firewalls

with pix v7, there is a new option of failover, namely active/active that offers a true load balancing.

New Member

Re: Lad balance traffic across a pair of firewalls

In Active/Active mode, you need to configure multiple contexts, which is a licensed feature. My understanding of PIX active/active is that you can 'balance load' across each pix eg context 'n' is primary on one pix, context 'n+1' is primary on pix2 and so on for each context. I don't believe you can load-balance traffic for a single context across both pixs at once (please correct me if I'm wrong here). The documentation in the url listed by the last reply also states

'The security appliance does not provide load balancing services. Load balancing must be handled by a router passing traffic to the security appliance.'

CreatePlease login to create content