cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
339
Views
0
Helpful
1
Replies

load balancing few wan links and high availability

Random44F
Level 1
Level 1

Hi All,

Here is what i am trying to do and appreciate if you guys could put me in the right direction

1. We have two asa 5512x  and 3 internet lines.

What I am trying to do is have a device , which i can plug a link from each asa to it so 2 x lan and then the router or device act as load balance/failover.

The two links from lan go into it, one of the lans it not going to forward any traffic unless the other asa is dead ( high availability ) .

So we will only have 1gb internal lan forwarding data to the device .

now the device has 3 wan link, I want to have a device which i can configure it to say, send specific type of traffic using this wan link and others using the other link and some other using the third link only if it is free and not loaded . I don't know if the third case is possible .

then if line 1 is dead then send the traffic using line 2 and 3 so this would be an instant failover and the business will no go down at any point

also need to see some fancy charts on what our usage etc is and see the traffic used per connection ( I think netflow can do this).

Currently we have a peplink which is capable of doing this and I am thinking I should move this to cisco but do not know whether the asas we have can do this or a cisco router can do it ?

I appreciate your reply

many thanks

1 Reply 1

Kelvin Willacey
Level 4
Level 4

ASAs cannot do load balancing/sharing, only ISP failover. This would mean you would need three ASAs one for each ISP and have a router behind the ASAs that will use PBR and SLAs to route the traffic as per your policies and failover the traffic if an ISP link fails on the ASA. Or you can have the router connect directly to the three ISPs and have the ASAs behind the router and accomplish the same thing.

Personally I don't bother with having routers at the edge anymore unless the requirement is to only provide failover in which case I can do that on the firewall. I prefer to use load balancers such as Radware or F5, they have more features and are easier to configure.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco