PIX 525 UR With 1 4-Port FE, 1 VPN Accel Card

KEITH BEAUL · ‎11-11-2007

Good day;

I have a PIX 525 Unrestricted with failover.

802.bin IOS

There is 1 4-port FE and a VPN Accelerator card installed in each unit.

I tried to install a second 4-port FE in both prime and secondary units and the following is the result.

Once I power up both units the second 4-port FE mimics the first one. Although there are no physical connections to the second 4-port FE's, the port lights on the second FE's light up as the ones on the first 4-port FE.

Example:

1st 4-port FE

Fa0/2 - physical connection - Light on

Fa0/3 - no physical connection - Light off

Fa0/4 - physical connection - Light on

Fa0/5 - no physical connection - Light off

2nd 4-port FE

Fa0/6 - no physical connection - Light on

Fa0/7 - no physical connection - Light off

Fa0/8 - no physical connection - Light on

Fa0/9 - no physical connection - Light off

Also, when the second card is installed the first card will not function and this sets both PIX's as active.

I'm somewhat baffled.

JORGE RODRIGUEZ · ‎11-11-2007

Hi, I have not worked with 525s but I think you may be limmited to physical interfaces.

can you do " show version "

it should show you the maximun physical interfaces 525 can have.. I will look into the 525s in a few.

[edit]

This is the information for 525 specs and combinations of FE and GE cards.

if you do show version it should indicate 6

maximun physical interfaces per 525, once you post show version it would make sence sence that the output of your interfaces you have 4 LIGHS ON interfaces, plus one inside and one outside interface makes total of 6.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080091b09.html

Jorge Rodriguez

JORGE RODRIGUEZ · ‎11-11-2007

Keith, well I take previous post back.

The 525 will support up to 10 physical interfaces as long as your have UR license.

So the question is why the second card would not function, are you sure you have UR license on both PIXes, I would look into its licensing.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html

Jorge Rodriguez

KEITH BEAUL · ‎11-12-2007

Hi;

Here's the show version.

As you will see, it allows for 10 physical interfaces.

I'm scratching my head over this one.

Cisco PIX Security Appliance Software Version 8.0(2)

Device Manager Version 6.0(2)

Compiled on Fri 15-Jun-07 18:25 by builders

System image file is "flash:/pix802.bin"

Config file at boot was "startup-config"

MHCPPIX1 up 27 days 22 hours

failover cluster up 93 days 1 hour

Hardware: PIX-525, 256 MB RAM, CPU Pentium III 600 MHz

Flash E28F128J3 @ 0xfff00000, 16MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : VAC+ (Crypto5823 revision 0x1)

0: Ext: Ethernet0 : address is 0011.924b.dd31, irq 10

1: Ext: Ethernet1 : address is 0011.924b.dd32, irq 11

2: Ext: Ethernet2 : address is 000d.88ee.5d70, irq 11

3: Ext: Ethernet3 : address is 000d.88ee.5d71, irq 10

4: Ext: Ethernet4 : address is 000d.88ee.5d72, irq 9

5: Ext: Ethernet5 : address is 000d.88ee.5d73, irq 5

Licensed features for this platform:

Maximum Physical Interfaces : 10

Maximum VLANs : 100

Inside Hosts : Unlimited

Failover : Active/Active

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Cut-through Proxy : Enabled

Guards : Enabled

URL Filtering : Enabled

Security Contexts : 2

GTP/GPRS : Disabled

VPN Peers : Unlimited

This platform has an Unrestricted (UR) license.