Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How many outbound internet connections are allowed on PIX 501?

How many simultaneous outbound users can get internet access thru a PIX 501? No restrictive outbound access-lists are set.

5 REPLIES
Silver

Re: How many outbound internet connections are allowed on PIX 50

depends on the license - 10, 50 or unlimited user.

New Member

Re: How many outbound internet connections are allowed on PIX 50

We have a 10 user license PIX 501

I was informed that the 10 user license is only for VPN tunnels, which will suit us fine. But could you confirm that the 10 user licence WILL actually restrict a max of 10 (non-vpn) outbound connections to the internet?

If you confirm, I'll upgrade.

Thanks!!!

Chris

Silver

Re: How many outbound internet connections are allowed on PIX 50

No, it is my understanding that 10 vpn tunnels (increased from 5 in the 6.3 code) is a limit for the entire 501 platform, regardless of user license - this is probably a good idea because the 501 is only a 5x86 133mhz cpu = no much horsepower for doing lots and lots of tunnels.

User license limitations restrict how many IP addresses from behind the pix make connections outbound - 10 active network devices = 10 users.

New Member

Re: How many outbound internet connections are allowed on PIX 50

Interesting point...what if you are not using the PIX501 as eg DHCP server and just as a gateway..the pix won't know how many clients there are on the LAN and will forward internet traffic regardless?

Steve

dro
New Member

Re: How many outbound internet connections are allowed on PIX 50

Not quite. Any traffic that is going through the PIX out to the Internet will count against a license, even if your not using the PIX as the DHCP server.

This is because the PIX has to build an xlate for the Internal host to external port or IP (NAT/PAT). When it does this, it keeps track of how many connections is has stored.

You could have more computers than the number of licenses on the Internal network, just as long as they don't all need Internet access at the same time.

-Joshua

171
Views
0
Helpful
5
Replies