Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trouble with PIX 501 user limit?

I have installed a Cisco PIX 501 at a client's site, and now a couple of weeks later we are having an issue where some computers cannot access the Internet. The PCs can ping the internal interface of the firewall, and can resolve hostnames. But about three of them cannot ping public IP addresses. I thought the arp cache might be corrupted on the switch, so we restarted that to no good effect.

I suspect that the client has somehow run up against the 10-user limit for their PIX 501 license.

The site has eight PCs and a server, so it doesn't seem like they should be going over the 10-user limit.

I'm not much of an expert when it comes to the PIX, so I wonder if someone can tell me how to determine whether this is the case, and maybe give me some tips on how to resolve the issue?

Thanks very much for any advice you can offer.

Best regards,



Re: Trouble with PIX 501 user limit?


Can you execute "show local-host" in your PIX 501 Firewall? It will show you how it use the 10-user license.



New Member

Re: Trouble with PIX 501 user limit?

Any chance you can help me make sense of this? Does it really look like we have exceeded the number of allowed connections by over 3400?

pixfirewall# show local-host

Interface inside: 10 active, 10 maximum active, 3493 denied

local host: <>,

TCP connection count/limit = 12/unlimited

TCP embryonic count = 2

TCP intercept watermark = unlimited

UDP connection count/limit = 0/unlimited



PAT Global Local

PAT Global Local

PAT Global Local

PAT Global Local

PAT Global Local

PAT Global Local

PAT Global Local

etc, etc.