07-11-2024 02:11 PM - edited 07-11-2024 02:12 PM
Hello, I need a couple of firewall to manage up to 1500 concurrent anyconnect connections.
the firewall need only to manage anyconnect remote access.
may I use a couple of FPR1140-ASA or FPR-1150 in load balancing?
I would not configure them in failover.
what if one of the two firewalls fails? Is the other still capable to manage half of the total connections?
many tks
could it be also possible to configure the couple in failover and still have load balancing from both the firewall?
Many tks
Johnny
07-11-2024 02:14 PM
Are FTD HA?
MHM
07-11-2024 11:23 PM
@l.buschi VPN Load Balancing supports 2 or more devices (up to 10) and all devices are active, with users connecting to the least loaded device. The maximum number of sessions that a load balancing group can support is the total of the number of sessions for each of the devices in the group. The FPR1140 supports a maximum of 400 VPN peers and the FPR1150 800 peers. You would need 2 x FPR1150 to meet your 1500 concurrent user requirement or 4 x FPR1140.
If a VPN load balancing group member device fails you would lose capability, so if you had 2 x FPR1150 and one fails only 800 users could connect until you replace the hardware. You would either need to account for this with an additional device(s) in the VPN load balancer group or instead configure an HA failover pair, in which case you should look at the FPR 2110/2120 to support 1500+ CCU.
ASA VPN Load Balancing - https://integratingit.wordpress.com/2020/03/14/asa-vpn-load-balancing/
FTD VPN Load Balancing - https://integratingit.wordpress.com/2021/06/13/ftd-vpn-load-balancing/
07-12-2024 03:21 AM
we are running a couple of ASA's on FP2120 hw in a HA setup - the active is daily supporting around anyconnect 1000 users and is running more or less idle - i think you should look at a ASA setup instead
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide