For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Richie_77270's avatar
Richie_77270
Icon for Nimbostratus rankNimbostratus
Feb 28, 2010

Firewall Load Balancing

We currently utilize a 5540 Active/Standby pair of firewalls that handles all of our traffic.     Recently we deployed a new application to our data center that has caused the resource usag...
config
design
Chris_Miller's avatar
Chris_Miller
Icon for Altostratus rankAltostratus
Jul 13, 2010
Posted By Richie on 07/13/2010 09:16 AM

I'm trying to have all my traffic go through the external LTM and get load balanced across my three ASA 5540 firewalls. Some of the traffic is going to go to my internal LTM which load balances to some of my web servers and other traffic just goes straight to other internal servers.

Gotcha, you'll likely want to do the following: 1. Have 1 pool that contains all your ASAs. 2. Have 1 pool that contains the VPN-specific ASA. Let's call this pool "pool_vpn" 3. Create your VS and set the default pool to be the pool containing all your ASAs. 4. Create an iRule and apply it to your VS. The iRule will be something like this: 
when CLIENT_ACCEPTED {
if { [ IP::addr [ IP::client_addr]] eq x.x.x.x } { 
pool pool_vpn }
}

This is an example, not-optimized...but hopefully addresses what you're trying to do.