Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 515

Status
Not open for further replies.
routeconfig

routeconfig

MIS
Jun 30, 2002
24
CA
Hi,

I am new to PIX firewall. Some questions:
1. Our PIX 515 has 2 interfaces.Can I add NIC card? If yes which make/model. This PIX is used for our testing purposes only.
2. How can I know "how many user license this PIX have"?The "sh ver" tells me its "unlimited", since I upgrade to 6.2.1.
3. Does license reflect to no. of connections? It confusing to me since "global" can limit my outgoing connections.
Thanks

John
 
Sort by date Sort by votes
HI.

1. Our PIX 515 has 2 interfaces.Can I add NIC card?
An Intel PCI NIC can do the job, but not all models.
The newer models with 82550 are not compatible.
The older models with 82559 are fine.
You probably have the PIX 515R - This version supports up to 3 interface (including 2 built in), so you can only add 1 additional NIC.

2. How can I know "how many user license this PIX have?
Only the pix 501 model has a user limit.
Other models have no such limit, only a limit of concurrent sessions which is quite a high limit in the pix 515. You probably won't reach it unless you have many many users in that lab.

3. Does license reflect to no. of connections?
Well, the PIX515UR unlike the PIX515R comes with more RAM, so it can support more connections, but I think that this is only a hardware and not license limit (I'm not sure about this).

It confusing to me since "global" can limit my outgoing connection ???
Ah? What do you mean??
Do you mean the last 2 parameters of the NAT and the STATIC commands - max_conns & em_limit?
I guess these are for protection agains SYN flood and other DOS attacks.
Anyway read here about GLOBAL, NAT, STATIC and other commands:

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
Thanks Yizhar.
I found that PIX sends Syslog messages,except for "interface status" changing (manualy shutting down outside interface). PIX is configgured for
#logging trap debugging
Is there anything missing here?

John
 
Upvote 0 Downvote
Interface line protocol shows "DOWN"

I did not see following features in PIX.
1. copy flash to tftp
2.boot from tftp server

Is there any way to achieve this?

 
Upvote 0 Downvote
HI.

1. copy flash to tftp
The "write net ..." command can copy the configuration to tftp. I don't know about copying the OS image but you can look for the "copy" command options.

2.boot from tftp server
I don't think that the pix supports this, nor will it in the future. It seems to me logical that a firewall can only boot localy.

Bye

Yizhar Hurwitz
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
110
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
151
brownmab53
brownmab53
quazimotto
  • Locked
  • Question
Correct Upgrade Path for PIX
Replies
7
Views
215
quazimotto
quazimotto
quazimotto
  • Locked
  • Question
Ping thru PIX to subnet inside??!!
Replies
0
Views
92
quazimotto
quazimotto
anoble1
  • Locked
  • Question
Need help setting up PIX 515 for home use along with DMZ PS4 configuration
Replies
0
Views
117
anoble1
anoble1

Part and Inventory Search

Sponsor

Back
Top