NimbostratusI haven't been able to find any documentation for guidance in configuring F5 to be able to do GTM for Cisco ASA AnyConnect RA-VPN. I'm trying to use our F5s to load balance our Cisco ASAv based AnyConnect SSL RA-VPN connections between two data centers.
Hi,
The Cisco ASAv based AnyConnect SSL RA-VPN is solved by a DNS register? if the answer is yes, you have to delegate the register to the DNS listeners on the F5 DNS and create a listener with a couple of DNS pools to balance the traffic across both data centers, this is one example of the delegation that you have to configure:
https://support.f5.com/csp/article/K277
Hope it´s work.
CirrostratusHi LGonzales80,
So i think you have to requirement for using GTM for Cisco ASA,
1. In case the customer would like to prefer site for support this service and another site for backup, you have to configuration load balance method "global availability" for prefer site
2. If the customer would like share load for Cisco ASA, So i think you have to using load balance method with raio or geolocation
I hope this information will help you
Please find more information: https://cloud-ttrust.com/
CirrostratusFor AnyConnect RA VPN Load Balancing which Module to Use GTM or LTM ?
I have 2 RA VPN but they are at SAME Data Center. Should I use LTM or GTM ?
Each AnyConnect VPN 2 different identity cert normally , but if we put F5 Infront of it , what cert will be installed at each AnyConnect Box ?
Plan to use F5 is using load balancing between 2 VPN
For example if 1st RA BOX name is - vpn1.company.com and 2nd one is vpn2.company.com , normally each VPN will have each individual Identity cert on them , but if we put F5 infront of both what cert we need to call from each VPN Config at AnyConnect level ?
