1-12
Cisco ASA Series CLI Configuration Guide
Chapter 1 Setting General VPN Parameters
Configuring Load Balancing
Configuring Load Balancing
To use load balancing, configure the following elements for each device that participates in the cluster:
• Public and private interfaces
• VPN load-balancing cluster attributes
Note All participants in the cluster must have an identical cluster configuration, except for the device priority
within the cluster.
Note The Local CA feature is not supported if you use Active/Active stateful failover or VPN load-balancing.
The Local CA cannot be subordinate to another CA; it can act only as the Root CA.
Configuring the Public and Private Interfaces for Load Balancing
To configure the public (outside) and private (inside) interfaces for the load-balancing cluster devices,
do the following steps:
Step 1 Configure the public interface on the ASA by entering the interface command with the lbpublic
keyword in vpn-load-balancing configuration mode. This command specifies the name or IP address of
the public interface for load balancing for this device:
hostname(config)# vpn load-balancing
hostname(config-load-balancing)# interface lbpublic outside
hostname(config-load-balancing)#
Step 2 Configure the private interface on the ASA by entering the interface command with the lbprivate
keyword in vpn-load-balancing configuration mode. This command specifies the name or IP address of
the private interface for load balancing for this device:
hostname(config-load-balancing)# interface lbprivate inside
hostname(config-load-balancing)#
Step 3 Set the priority to assign to this device within the cluster. The range is from 1 to 10. The priority indicates
the likelihood of this device becoming the virtual cluster master, either at startup or when an existing
master fails. The higher you set the priority (for example, 10), the more likely it is that this device
becomes the virtual cluster master.
hostname(config-load-balancing)# priority number
hostname(config-load-balancing)#
For example, to assign this device a priority of 6 within the cluster, enter the following command:
hostname(config-load-balancing)# priority 6
hostname(config-load-balancing)#
Step 4 If you want to apply network address translation for this device, enter the nat command with the NAT
assigned address for the device. You can define an IPv4 and an IPv6 address or specify the device’s
hostname.
hostname(config-load-balancing)# nat ipv4_address ipv_address
hostname(config-load-balancing)#
To Next Page
Loading...
Need help?
General