04-12-2022 03:05 PM
Has been able to F5 GSLB to load balance AnyConnect SSL remote access VPN or is there a guide anywhere? We currently have two ASAv50s deployed in our two main data centers and we want to be able to use our F5s with GSLB to load balance the traffic between them.
04-12-2022 03:09 PM
check some guide lines :
04-12-2022 08:30 PM
02-23-2023 12:50 PM
Unless I'm reading this incorrectly the VPN load balancing option being talked about needs to have the ASAs located in the same inside and outside IP networks. In our environment we have our ASAs located in two completely different data centers in different states. From reading the documentation that I've found, in this scenario we would need to use some type of external DNS load balancing which we use Big IP GSLB. I'm trying to find some type of guide for that setup, but I may need to find a more generic guide through Big IP.
02-25-2023 08:47 PM
GSLB, aka DNS, is really just DNS so there's no trick there to load balancing a VPN connection. All you would need to do is to add your pools to the same WIP, protocols aren't an issue there. The real work takes place at the LTM level with what protocols you want to let through. Since you mentioned SSL VPNs, I believe you would just setup your Virtual Servers the same as any HTTPS website. Those VSs would feed your DNS Pool and the Pools would be in your DNS WIP. It can get more involved from there, especially if you want to configure things so the users connect to the ASA that's closest to them. That level of configuration is a bit beyond me and would probably require some professional services from F5.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide