Forum Discussion
NimbostratusBalance IPsec tunnels from Big-IP to Azure
Hello community, hope you're fine!
I have something like a "yes" or "no" question for you guys.
We have a customer that has a DC in their HQ and a farm in Azure.
They have 1 uplink from HQ's DC to Azure, to access their servers through an IPsec VPN which is between a Cisco ASA to Azure's FW.
They want to add a second link, also with an IPsec VPN and they want to balance the traffic flowing through those 2 uplinks.
The first thing on our mind was, if we want to "active-active" load balance the traffic, we need to create the IPsec tunnels from the Big-IP against Azure. The client is 'OK' with that.
Now, in terms of documentation; I have found this 2 great articles with the step-by-step for creating an IPsec vs Azure.
From the latter I'm leaning that we CAN have 2 IPsec tunnels and apply "dynamic routing" and balance between those 2 uplinks. But I'm not 100% sure.
So, the BIG question(s) would be: Can we do that? Can we balance connections between 2 IPse tunnles created from LTM Big-IP against the same ending point in Azure?
Any other suggestions will be much appreciated!
Thanks in advanced.