PIX or 1721 Router

Posted on 2007-10-04
Last Modified: 2010-04-17
I am looking for some knowledge on which device I would be better off using at my place.  I am currently using a PIX 506E, but I have a 1721 router sitting unused on my desk. The PIX is running version 6.3(4) and show mem returns
Free memory:        13997288 bytes
Used memory:        19557144 bytes
-------------     ----------------
Total memory:       33554432 bytes

The 1721 is running IOS version 12.3(9c)
and has 32 megs of flash memory.

I am at a non-profit, and received this equipment through a donation program, so purchasing different equipment is not an easy option (purchasing different Cisco equipment is probably out of the question).

Currenty I have a the PIX 506E set up in the main office.  For the most part its DSL connection is used only for VPNs, and as a backup if our other internet connection goes down.
I have 3 site to site VPNs running through it to remote sites also with PIX 506Es.  
We have a Windows 2003 domain, and these 3 sites have local domain controllers and have about 20 other computers on each LAN.  The main office has about 100 devices on the LAN.

I also have two site to site VPNs to smaller offices with no local domain controller and about 5 PCs at each site. They both have Cisco 851 routers.
All of this has been very solid for over a year - never any problems with the VPNs or Cisco equipment.

Now I would like to set up site to site VPNs with our remaining 4 offices all with 1 to 5 computers and no local domain controllers.  This would be a total  of 9 VPN connections to the main office.  I would also be using Cisco 851 routers at these locations. (Unless there is a better choice at a comparible price?)

So my question is which device should I use at the main office?  Are 9 VPNs pushing it for the PIX?  Would the 1721 handle this better, or is the PIX better equiped for this kind of use?
Question by:misgci
    LVL 79

    Accepted Solution

    Keep the PIX. It is much more suited to handling the VPN traffic and Internet access. It was designed for this purpose. The 1721 was designed to route packets, and firewall features and IPSEC VPN is a "bolt-on" feature set. You may not even have the required IOS advanced security version that would be required. Buying an upgrade to IOS is more expensive sometimes than buying a new router.

    Author Comment

    So the PIX won't have a problem with that many tunnels?

    Author Comment

    Thanks, I appreciate your advice.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
    We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now