?
Solved

Maximum active pix to pix vpn connections

Posted on 2006-07-10
5
Medium Priority
?
688 Views
Last Modified: 2013-11-16
Does anyone know the maximum active pix to pix vpn connections you can have on a pix 515? In case you need it, here is the results from a show version

Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee

cic-pix up 24 days 7 hours

Hardware:   PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB

Licensed Features:
Failover:                    Enabled
VPN-DES:                     Enabled
VPN-3DES-AES:                Enabled
Maximum Physical Interfaces: 6
Maximum Interfaces:          10
Cut-through Proxy:           Enabled
Guards:                      Enabled
URL-filtering:               Enabled
Inside Hosts:                Unlimited
Throughput:                  Unlimited
IKE peers:                   Unlimited

This PIX has an Unrestricted (UR) license.
0
Comment
Question by:ptuttle1319
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 17076838
UR license = up to 2000 VPn tunnels
"Delivers feature-rich remote access VPN concentrator services for up to 2000 remote software- or hardware-based VPN clients"
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b15.html
0
 

Author Comment

by:ptuttle1319
ID: 17077030
Im not sure if that applies to a pix to pix connection, or as they list it, a site to site connection. will it apply to that?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17077624
Yes, it applies to site-to-site (hardware-based) regardless of what is at the other end - pix, router, vpn3000, other firewalls, whatever.
How many are you looking at supporting?
0
 
LVL 1

Expert Comment

by:Jaedub
ID: 17078019
2000 is your answer.
With a 515 (200MHz) and not a 515E (433MHz) you will notice a performace hit when using a high number of IPSEC connections with a high level of encryption AES 256, 192, 128 or 3DES.
0
 

Author Comment

by:ptuttle1319
ID: 17080755
It will only be 3 at the moment, so it's sounding like I should be good to go. Thanks!
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month10 days, 14 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question