Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
532
Views
0
Helpful
2
Replies

load balance MASTER does not accept VPN request ?

rico_hao40
Level 1
Level 1

‎10-29-2009 08:33 AM

I have three ASA running as a cluster to accept VPN request, but I noticed recently the MASTER does not take any VPN session only the two backup ASA doing load balance?

Tried reboot still no change?

Any idea

Public IP Role Pri Model IPSec SSL IPSec SSL

---------------------------------------------------------------------------

* x.x.x.1 Master 1 ASA-5550 0 0 0 1

x.x.x.2 Backup 2 ASA-5550 0 0 2 3

x.x.x.3 Backup 3 ASA-5550 0 0 2 3

Thanks

Labels:
0 Helpful
2 Replies 2

slmansfield
Level 4
Level 4

‎10-29-2009 10:13 AM

I looked in the ASA documentation and could not find a specific reference, but I know that when clustering VPN concentrators the cluster master always has fewer sessions because of its additional responsibility to manage the sessions between cluster members. It looks like the ASA cluster configuration works similarly.

I think once you get a higher volume of VPN sessions you will see the cluster master start to take on sessions, but it will have a lower percentage of total sessions than the other members.

0 Helpful

rico_hao40
Level 1
Level 1
In response to slmansfield

‎11-11-2009 11:18 AM

Your explanation is exactly same like Cisco TAC. The TAC said if backup load goes up to 5%, then the Master start taking session.

Thank you.

0 Helpful
Customers Also Viewed These Support Documents