How to set inside hosts to use 1

[adrianday]

My subject description may be misleading.

I think my PIX is limited to 10 inside hosts. we have a numer of remote users who connect to recieve e-mail and browse our intranet.
Our inside network has many more than 10 hosts. Whats happens when a connection is made to say the 11th host, does an already 'connected' one drop out?

At present i have configured our 3 subnets on the 'inside' interface. If i were to add or replace these with only the hosts needed would i stop the '11th' host problem.
If this type of question has been answered here or elsewhere please kindly direct me to it.
many thanks Adrian

 

[brianinms]

The 11th connection that attempts to traverse the pix will be blocked. It wont drop any current connections. You should upgrade your license to 50 users.

 

[adrianday]

Thanks for replying so quickly. upgrading to 50 users is an option we would need to consider.

Could you tell me how i would configure the PIX to only allow 10 hosts of my choice. As you can guess i'm bit of a newby

 

[brianinms]

Please note that VPN users also count into the 10 host limit.


You configure your nat and specify the ip addresses that you wish to traverse the firewall


nat (inside) 1 192.168.10.25 255.255.255.255
nat (inside) 1 192.168.10.33 255.255.255.255

 

[NetworkGhost]

You actually arent limited by connections but source IPs rather. So 10 user license would allow 10 IPs to make X number of connections.

http://www.wr-mem.com

 

[adrianday]

So in conclusion my PIX could have 20 remote VPN users(people) as long as inside there were only 10 devices (MAC's, IP address's)), or have I totaly misunderstood

many thanks for your help