Firewall user limit

Posted on 2011-05-09
Last Modified: 2012-05-11
I have a 10 user limit on a PIX 501, and was wondering how it tracks the limit?  By MAC?  IP?

Also, what happens if you put a NAT router before the Firewall?  Does all NAT'd traffic passed to the PIX only show as 1 user, or is it smart enough to know better?
Question by:B1izzard
    LVL 33

    Accepted Solution

    It will track 10 XLATEs from internal hosts going outbound.   The 11th attempt to get an XLATE to go outbound would be denied and dropped.  
    See this for more detailed info:

    I suppose placing a NAT device in front of the PIX would so what you indicated, letting the PIX think there is only 1 host.


    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
    There are many useful and sometimes not well documented or forgotten IOS or ASA/PIX commands. See IPE article here , there was also one on PacketU and on Cisco Tips & Tricks. Below are my favorites. I give also a few most often used for Cisco IPS an…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now