?
Solved

Maximum active pix to pix vpn connections

Posted on 2006-07-10
5
Medium Priority
?
721 Views
Last Modified: 2013-11-16
Does anyone know the maximum active pix to pix vpn connections you can have on a pix 515? In case you need it, here is the results from a show version

Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee

cic-pix up 24 days 7 hours

Hardware:   PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB

Licensed Features:
Failover:                    Enabled
VPN-DES:                     Enabled
VPN-3DES-AES:                Enabled
Maximum Physical Interfaces: 6
Maximum Interfaces:          10
Cut-through Proxy:           Enabled
Guards:                      Enabled
URL-filtering:               Enabled
Inside Hosts:                Unlimited
Throughput:                  Unlimited
IKE peers:                   Unlimited

This PIX has an Unrestricted (UR) license.
0
Comment
Question by:ptuttle1319
  • 2
  • 2
5 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 17076838
UR license = up to 2000 VPn tunnels
"Delivers feature-rich remote access VPN concentrator services for up to 2000 remote software- or hardware-based VPN clients"
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b15.html
0
 

Author Comment

by:ptuttle1319
ID: 17077030
Im not sure if that applies to a pix to pix connection, or as they list it, a site to site connection. will it apply to that?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17077624
Yes, it applies to site-to-site (hardware-based) regardless of what is at the other end - pix, router, vpn3000, other firewalls, whatever.
How many are you looking at supporting?
0
 
LVL 1

Expert Comment

by:Jaedub
ID: 17078019
2000 is your answer.
With a 515 (200MHz) and not a 515E (433MHz) you will notice a performace hit when using a high number of IPSEC connections with a high level of encryption AES 256, 192, 128 or 3DES.
0
 

Author Comment

by:ptuttle1319
ID: 17080755
It will only be 3 at the moment, so it's sounding like I should be good to go. Thanks!
0

Featured Post

Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

593 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question