Cisco ASA Load balancing

Dear Rane, please help me with the queries below.

  1. Does Cisco ASA support load balancing? If yes, how do I provide reachability to the secondary destination server in case the primary destination server is down?
  2. How can the ASA be configured to resolve an FQDN by querying the primary DNS and, if it fails, switch the query to the secondary DNS?

Hello Sivakumar

It depends on what kind of load balancing you mean. One type of load balancing involves the use of two ASAs on the edge of the network that balance incoming and outgoing traffic across both devices. This is called Active/Active failover and can be further researched at the following link:

Secondly, ASAs are capable of providing redundant links using EtherChannel, where load balancing can take place between such links. The following diagram describes such a situation in combination with a VSS (or vPC for Nexus) pair of switches:


In both of these cases, the load balancing offers both efficiency and redundancy. This means that if any single link goes down (or if any single device goes down), the other device or link will continue to function normally and the operation of the network will not be affected (beyond the loss of bandwidth the failed link/device causes).

You can use the dns-server (group-policy) command to do this. You can find out more information about this here:

I hope this has been helpful!

