Help me pick a PIX

Unanswered Question
Nov 16th, 2007
User Badges:

I'm looking for a PIX for an office of about 50 users, each with 50 VoIP phones using SIP (if that matters). It would need to support up to 100 consecutive VPNs, some Point-to-point, some via the Cisco VPN client. It needs 3 10/100 (or 1000) ethernet ports. It doesn't have to be a PIX, could be an ASA. Cost IS a point of contention. Upgrading from a 505E.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Fri, 11/16/2007 - 19:49
User Badges:
  • Green, 3000 points or more

Brian, these are next negeration of ASA from legacy PIXes. If upgrading 505E you probably would look into ASA5505, the ASA5505 have two routed ports inside/outside and one DMZ when using security plus license , however, 5510 would probably be a goog investment more scalable, but take a look at this link which will give you beter picture of capabilities per your requirements, always think of future growth , and device throughput specifications.



knobdy Tue, 11/20/2007 - 20:49
User Badges:

How does the licensing for the ASAs work now? There's a limit on concurrent VPN connections - is that ANY type of VPN connection or just peer-to-peer, SSL, or other client?

Are there other *software-based* limitations that weren't in effect in the older PIX 6.3 days?

JORGE RODRIGUEZ Wed, 11/21/2007 - 10:04
User Badges:
  • Green, 3000 points or more

It is different , if we take ASA5505 as an example in Models comparison

ASA5505 With a base lisence : ASA5505-BUN-K9 ( 10 user lisence ) only 10 users

inside can accesss outbound connections.

1- Maximun 10 VPN connetions , whether L2L and/or remote access VPN user sessions,

NO DMZ support no trunking support unless you purchase security plus license to have

up to 25 VPN connections and enable DMZ support and trunking.

Refer to this link table 1

Also check this one for Licensing and Subscription to enable features

Feature Matrix for 5510,5520,5540 Table-1

Pls rate any helpful posts




This Discussion