Solved: DUAL WAN LOAD BALANCING (50%/50% RATIO)

Tritontek · ‎05-19-2022

Hello everyone,

May i ask if there is a way to configure a dual wan load balancing with a 50%/50% ratio on both outside interface using FMC.

Right now my current config is just basic failover.

I have a FTD 5508X v7.0.0.1 and FMC v7.0.0.1

Thanks to you all

Herald Sison · ‎06-02-2022

Are the interfaces 1/1 and 1/2 are inside interfaces?

make sure to assign the route map to your inside interfaces

View solution in original post

Jitendra Kumar · ‎05-19-2022

configure Policy Based Routing in FTD with IP SLA. You can Load-balance the traffic as per the access list you mentioned in the route map. With the help of tracking the availability of next-hop, you can achieve auto-switch traffic when one interface is down. With the help of Flex config, you do the configuration of PBR, below video link will help you to configure PBR in FTD with IP SLA.

help can be taken from this tutorial:-

https://www.youtube.com/watch?v=MKcSBTJ55e8

Thanks,

Jitendra

Thanks,
Jitendra

Tritontek · ‎05-20-2022

is it safe to deploy PBR via flex config on a running FTD? my FTD is being used by production team so i am hesitant on deploying such changes while people are busy working and it might cause an interruption.

also my static route is configure like this currently is it safe to just leave it as is?

Jitendra Kumar · ‎05-20-2022

routes metric depends on ISP priority.

you should not test any new config in the production environment you can plan according to test it.

Thanks,

Jitendra

Thanks,
Jitendra

Tritontek · ‎05-21-2022

Hi Sir,

i am really confused in this route-map command, i have watched several videos regarding this but they used different integer that does not match with their SLA Monitor ID and some did not swap their metric id on the 2nd route map argument.

can someone please explain to me, for example 1st IP is 10.10.10.49 1 track 1 and 2nd IP is 20.20.20.125 2 track2 does the integer right next to the IP is the static route metric and the integer right next to the word track is the SLA monitor ID?

i have attached a screenshot below circled red and blue does my understanding above is correct? and what is the correct arrangement for that?

Herald Sison · ‎06-02-2022

Are the interfaces 1/1 and 1/2 are inside interfaces?

make sure to assign the route map to your inside interfaces

Tritontek · ‎05-29-2022

HI Sir,

i tried the below configuration but no vlans were routed to ISP2 all vlans sticks to ISP1.

Rob Ingram · ‎05-19-2022

@Tritontek you can use Traffic Zones to group the outside interfaces for ECMP load balancing.

It is natively configurable from version 7.1, prior to that you need to use FlexConfig to configure.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/710/management-center-device-config-71/routing-ecmp.html