Re: ASA Load Balance.

Mahmoud,

you should not consider ASA for load balancing over a single device, the
unit is not designed for that. Check Active-active as many have alreadyu
suggested, across two devices.

And the info you gave us is vague in terms of what kind of relations you
have with your ISPs, whether dynamic routing protocols are running between
the two etc.

Again, ASAS is a firewall. If you are after traffic load balancing, you
should start looking at routers at least.

HTH

A.

2009/12/14 Mahmoud Nossair <mnossier_at_jeraisy.com>

> But Cisco ASA firewall does not BGP routing.
>
>
>
>
>
>
>
> From: Radioactive Frog [mailto:pbhatkoti_at_gmail.com]
> Sent: Monday, December 14, 2009 3:57 AM
> To: Ryan Hughes
> Cc: Tempest D; Mahmoud Nossair; ccielab_at_groupstudy.com;
> mah.nosair_at_yahoo.com
> Subject: Re: ASA Load Balance.
>
>
>
> BGP is the answer for your scenario. In any scenario if you've SNAT or
> few
> apps sitting inside the lan will not work.
>
> Floating static route with NAT can do the trick for SIMPLE internet access.
>
>
>
> On Mon, Dec 14, 2009 at 8:58 AM, Ryan Hughes <rshughes_at_gmail.com> wrote:
>
> Load Balancer won't do any good. He's referring to using IP SLA to track
> the
> primary ISP gateway and then if that fails, remove the static route object
> and use a floating static to reach his second ISP gateway.
>
> Mahmoud - this is the document you're looking for:
>
> http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration
> _example09186a00806e880b.shtml
>
> <
> http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuratio
> n_example09186a00806e880b.shtml>
>
> On Sun, Dec 13, 2009 at 4:39 PM, Tempest D <tippyd44_at_gmail.com> wrote:
>
> > You need a load balancer.
> >
> > On Sun, Dec 13, 2009 at 3:01 PM, Mahmoud Nossair <mnossier_at_jeraisy.com>
> > wrote:
> > > Hi Experts
> > >
> > >
> > >
> > > I have ASA5520 firewall and I have two ISP connected to int F0/1 and
> > F0/2
> > > and I have inside interface, I need to make a load balancing between
> the
> > > two ISP so if one ISP goes down the other will take over
> > >
> > >
> > >
> > >
> > >
> > > ------Inside-FW----- ISP A (Connected to Outside1)
> > >
> > > |
> > >
> > > |
> > >
> > > ISP 2 (Connected to Outside2)
> > >
> > >
> > >
> > > I heared that ASA can load balance between three different ISP but
> they
> > > must be connected to the same interface ( not as my setup each ISP is
> > > connected to a separate interface).
> > >
> > >
> > >
> > > Thanks in advance
> > >
> > >
> > >
> > > Mahmoud Nossair
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Mon Dec 14 2009 - 15:42:38 ART