How many site-to-site VPN can PIX restricted License support?

donlin123 · ‎01-14-2008

I have a PIX 515E with restricted license.

Current, I have about 5 users connecting PIX using Cisco VPN clients for Windows XP.

Recently, I plan to connect two branch offices to this PIX using site-to-site VPN. Each uses Cisco 877 ADSL router.

Here is my show version:

Cisco PIX Firewall Version 6.3(5)

Cisco PIX Device Manager Version 3.0(2)

Compiled on Thu 04-Aug-05 21 :40 by morlee

up 43 days 5 hours

Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz

Flash E28F128J3 @ Ox300, 16MB

BIOS Flash AM29F400B @ Oxfffd8000, 32KB

0: ethernetO: address is 0013.1952. 7b71, irq 10

1: ethernet1: address is 0013.1952. 7b72, irq 11

2: ethernet2: address is 000e.Oc69.d691, irq 11

Licensed Features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Physical Interfaces: 3

Maximum Interfaces: 5

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has a Restricted (R) license.

If I connect these two remote routers to my restricted licensed PIX, do I need to use unrestricted license? If I don't, do I need to buy more memory?

Thanks

Jon Marshall · ‎01-14-2008

Hi

As your output shows there is no limitation in terms of numbers for IKE peers. The key thing as you point out is how much memory do you need. To which the answer is it really depends on how much traffic you are putting through the firewall, how much CPU it currently uses and how memory it is currently using.

If you have PDM there is a nice graphical output of the resource usage.

Jon