PIX 515E - VPN Clients

Unanswered Question
Nov 4th, 2008
User Badges:


I have been reading my books etc and then find out the PIX 515E doesn't support webVPN!!! Nice they could have put a header in each chapter.

Anyway what VPN CLient does a PIX 515E v7.2 support ? Any clientless ones ...help ;(



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
dhananjoy chowdhury Tue, 11/04/2008 - 05:34
User Badges:
  • Silver, 250 points or more

>> Site-to-Site and Remote Access IPSec VPN Only.

WebVPN is only available on the ASA.

edw Tue, 11/04/2008 - 05:40
User Badges:



Would it work using Cisco 3005 Concentrator in line then to do the SSL webVPN ? Instead of coughing up for a ASA (I only bought the PIX in Aug 06;()

Or if I use remote IPsec - could I force the clients to go through my proxy server ? IE is there a PIX command as part of the policies which allows me to push the http requests thorugh my proxy server ?



ajagadee Tue, 11/04/2008 - 12:09
User Badges:
  • Cisco Employee,


If this is a new purchase, I would strongly recommend that you consider the ASA for the below reasons.

VPN3000 is End of Sale and the last date of support is August 4, 2012.


While, 2012 is still 4 years away, one of the important thing to consider is the Software Support. 4.7 is the latest version on the VPN3000 and from the below URL you can see that the End of Software Maintenance is August 5, 2008. Meaning, if you run into any software caveats, you will most likely not have a code with the fix. With that said, you dont want to be put in a situation where you run into a software bug, no release has a fix and you are forced to go with a different solution or upgrade the platform to an ASA. I hope it makes sense.




*Pls rate if it helps*

edw Mon, 11/24/2008 - 09:52
User Badges:


Thanks - we are a educational charity and a ASA would be great but its another layout and I'm in the middle of a complete server upgrade. Credit crunch and all, I have bought a unit for £160 off eBay this will allow us to test proof of concept to some of our users then mid next year look at the ASA. I only bought the PIX515E about 2 years ago ;((( didn't live very long in Ciscos product line.

Anyway another question now and points to those that answer correctly and consisly!

I now have a PIX 515E and VPN 3005 concentrator. Is it more secure to put it in line or to have them run parrellel (IE both have public facing interfaces). As the VPN is end of software line now ? Only going to be running webVPN from it - other VPN clients are on PIX.




This Discussion