Cisco Cisco ASA 5540 Adaptive Security Appliance Manuale Tecnico
Remote VPN Client Load Balancing on ASA 5500
Configuration Example
Configuration Example
Document ID: 68328
Contents
Introduction
Prerequisites
Requirements
Eligible Clients
Components Used
Network Diagram
Conventions
Restrictions
Configuration
IP Address Assignment
Cluster Configuration
Monitoring
Verify
Troubleshoot
Troubleshooting Commands
Related Information
Prerequisites
Requirements
Eligible Clients
Components Used
Network Diagram
Conventions
Restrictions
Configuration
IP Address Assignment
Cluster Configuration
Monitoring
Verify
Troubleshoot
Troubleshooting Commands
Related Information
Introduction
Load balancing is the ability to have Cisco VPN Clients shared across multiple Adaptive Security Appliance
(ASA) units without user intervention. Load−balancing ensures that the public IP address is highly available
to users. For example, if the Cisco ASA that services the public IP address fails, another ASA in the cluster
assumes the public IP address.
(ASA) units without user intervention. Load−balancing ensures that the public IP address is highly available
to users. For example, if the Cisco ASA that services the public IP address fails, another ASA in the cluster
assumes the public IP address.
Prerequisites
Requirements
Ensure that you meet these requirements before you attempt this configuration:
You have assigned IP addresses on your ASAs and configured the default gateway.
•
IPsec is configured on the ASAs for the VPN Client users.
•
VPN users are able to connect to all ASAs with the use of their individually assigned public IP
address.
address.
•
Eligible Clients
Load balancing is effective only on remote sessions initiated with these clients:
Cisco VPN Client (release 3.0 or later)
•
Cisco VPN 3002 Hardware Client (release 3.5 or later)
•
CiscoASA 5505 when acting as an Easy VPN client
•