Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 525 / full throughput ? help please

Dear all,

 

I started in a new company and they have 2 x PIX 525 (fail over scenario).

The company had a link speed of 100 Mbps and now they upgraded to 1 Gbps, there is a plan to replace the PIX’s with ASA 5550.

But now I have to use the PIX’s but need to use as much as possible of the bandwidth (using the complete throughput of about 330 Mbps).

Both Pix’s have the standard interfaces (2x Ethernet /0/1 and 2x Gigabit 0/1).

The config of the interfaces is as follows:

Eth 0 : outside

Eth 1 :Sync

Gig 0 : management

Gig 1 : failover

I have 2 x Cisco PIX-1GE-66 PIX Firewall 66 Ethernet cards and would like to add them to both Pix’s (if they help to get the full throughput).

Now, what is the best config to achieve this? Which interface of the above 4 should I connect to the new 1GE card? Or what’s the best to do to get the full throughput?

I need to finish this within 1-2 days.

I would appreciate any help.

 

Thanks in advance

 

Madonamadona

Everyone's tags (1)
7 REPLIES

Hi Madona,As per my knowledge

Hi Madona,

As per my knowledge you can split the interface & traffic based on the load. Obviously Inside Segment & Outside segment will have the more load than the other. You can split that in to two different cards ( PCI Bus) so that you can gain the maximum throughput. This will prevent you from getting the overrun / under run error and cpu utilization issues.
 

HTH

 

Regards

Karthik

 

VIP Green

Due to overhead on the

Due to overhead on the packets you will never get the full throughput that is advertised with the device...just so that is clear.

Other than that, I would agree with what Karthik has suggested and split the traffic between the two cards (for inside and outside traffic).

--

Please remember to select a correct answer and rate helpful posts

--

Please remember to rate and select a correct answer
New Member

Many thanks to you all, will

Many thanks to you all, will give it  a try and then report back.

 

Thanks again

 

Madonamadona

New Member

Many thanks for your reply,

Many thanks for your reply, you are a star. Will try it. I am new in firewalling and I didn't configure the existing fws. Which port is the inside one do you think? As it's not described in the config. many thanks madonamadona

Hi Madona,I guess management

Hi Madona,

I guess management would be your inside interface. You can get to know that the interface which connects to your LAN would be the inside. That i cannot assure you. You can check the interface which connects to your LAN and find it out.

 

HTH

 

Regards

Karthik

New Member

Many thanks to you all, will

Many thanks to you all, will give it  a try and then report back.

 

Thanks again

 

Madonamadona

VIP Green

The interface name should be

The interface name should be in the configuration but it will not be under the interface sub-commands. If you want help identifying it please post your full running config (sanitised).
--

Please remember to rate and select a correct answer
87
Views
0
Helpful
7
Replies
CreatePlease login to create content