Forum Discussion

Subrun's avatar
Icon for Cirrostratus rankCirrostratus
Nov 29, 2022

For AnyConnect RA Load Balancing which Module to Use GTM or LTM

For AnyConnect RA Load Balancing which Module to Use GTM or LTM. 

I have 2 RA VPN but they are at SAME Data Center. Should I use LTM or GTM  ?

Each AnyConnect VPN 2 different identity cert normally , but if we put F5 Infront of it , what cert will be installed at each AnyConnect Box ?

Plan to use F5 is using load balancing between 2 VPN

For example if 1st RA BOX name is - and 2nd one is , normally each VPN will have each individual Identity cert on them , but if we put F5 infront of both what cert we need to call from each VPN Config at AnyConnect level  ? 

1 Reply

  • I would use the GTM to load balance your AnyConnect VPN connections but if you have an SSL certificate that is only valid on each RA device for one FQDN you will have an issue because typically the GTM setup is as follows. -> ->

    That response will change depending on your load balancing algorithm so each destination device will see the request as rather than vpn1 or so make sure your SSL cert covers both names if that is allowed. Aside from that I believe Cisco has a way of doing this on their own at the following link.