Solved

Maximum active pix to pix vpn connections

Posted on 2006-07-10
5
630 Views
Last Modified: 2013-11-16
Does anyone know the maximum active pix to pix vpn connections you can have on a pix 515? In case you need it, here is the results from a show version

Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee

cic-pix up 24 days 7 hours

Hardware:   PIX-515, 64 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB

Licensed Features:
Failover:                    Enabled
VPN-DES:                     Enabled
VPN-3DES-AES:                Enabled
Maximum Physical Interfaces: 6
Maximum Interfaces:          10
Cut-through Proxy:           Enabled
Guards:                      Enabled
URL-filtering:               Enabled
Inside Hosts:                Unlimited
Throughput:                  Unlimited
IKE peers:                   Unlimited

This PIX has an Unrestricted (UR) license.
0
Comment
Question by:ptuttle1319
  • 2
  • 2
5 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 17076838
UR license = up to 2000 VPn tunnels
"Delivers feature-rich remote access VPN concentrator services for up to 2000 remote software- or hardware-based VPN clients"
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b15.html
0
 

Author Comment

by:ptuttle1319
ID: 17077030
Im not sure if that applies to a pix to pix connection, or as they list it, a site to site connection. will it apply to that?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17077624
Yes, it applies to site-to-site (hardware-based) regardless of what is at the other end - pix, router, vpn3000, other firewalls, whatever.
How many are you looking at supporting?
0
 
LVL 1

Expert Comment

by:Jaedub
ID: 17078019
2000 is your answer.
With a 515 (200MHz) and not a 515E (433MHz) you will notice a performace hit when using a high number of IPSEC connections with a high level of encryption AES 256, 192, 128 or 3DES.
0
 

Author Comment

by:ptuttle1319
ID: 17080755
It will only be 3 at the moment, so it's sounding like I should be good to go. Thanks!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Cisco 2960 PACL 9 41
IP Phone with a Analog Home Phone Line (Rj-11) 8 50
cisco VIRL 3 22
OSPF Question 12 22
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now