Load Balancing ASA question - which IP do I direct clients too?

IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
Guest

Load Balancing ASA question - which IP do I direct clients too?

Post by Guest » Thu Jul 22, 2010 3:16 pm

I have 2 5520s with a 50 user SSLVPN license on each. I want to use the VPN load balancing feature. Should I be sending users to the Cluster IP Address ? The documentation isnt clear on this point. Thanks,Justin

Guest

Re:Load Balancing ASA question - which IP do I direct clients too?

Post by Guest » Thu Jul 22, 2010 3:55 pm

Thats correct. You should have the VPN connect to the LB cluster IP, not the individual IP addresses. The master ASA will listen for the connection requests to the LB Cluster IP and based on load either accept the connection or automatically redirect it to one of the standby ASAs in the cluster. This should all be transparent to the VPN user connecting.

Guest

Re:Load Balancing ASA question - which IP do I direct clients too?

Post by Guest » Thu Jul 22, 2010 5:03 pm

jickfoo wrote: I have 2 5520s with a 50 user SSLVPN license on each. I want to use the VPN load balancing feature. Should I be sending users to the Cluster IP Address ? The documentation isnt clear on this point. Thanks,Justin Justin You need to use the cluster IP address. If you used the actual address of the firewall outside interfaces then you wouldn get load-balancing. Jon

Guest

Re:Load Balancing ASA question - which IP do I direct clients too?

Post by Guest » Thu Jul 22, 2010 5:12 pm

Out of interest, why was this rated as not helpful ? Jon

Post Reply