Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1257
Views
0
Helpful
4
Replies

PIX 501 and 10 user license

7sboals
Level 1
Level 1

‎06-05-2002 04:18 PM - edited ‎02-20-2020 10:05 PM

I am looking at purchasing the PIX 501 with 10 user licenses. The product manual says:

The Cisco PIX 501 Firewall 10-user license supports up to 10 concurrent source IP addresses from your internal network to traverse through the PIX 501. The integrated DHCP server supports up to 32 DHCP leases.

If I run a web server for outside/inside will my connections be limited? Or is it just inside/out connections that have limits?

0 Helpful
4 Replies 4

David White
Cisco Employee
Cisco Employee

‎06-05-2002 05:06 PM

Only translations are counted. The static web server will only count as 1-user toward the license, no matter how many connections inbound come to it. This leaves you with 9 remaining available connections.

Hope this helps,

David.

0 Helpful

ddrodge
Level 1
Level 1

‎06-13-2002 09:26 AM

We have two PIX 501 one is in front of a 10-user LAN with an Exchange server on the protected side and use NAT and have opened port 25 through the PIX. The Exchange server opened five connections during the two hours it was in service. Only five of the 10 LAN user had Internet access. We tried to modify the default TIMEOUT settings but still had users with limited Internet access.

We found that the 10 user license was for ANY 10 connections through the PIX, it didn't matter whether the connections were inbound or outbound. If it passed through the PIX it counted. I wouldn't use this to protect a very active web/e-mail server.

We had to order the 50-user license upgrade. This PIX 501 is also the termination of a 3DES VPN. I'll be monitoring the CPU load.

0 Helpful

e.gushpantz
Level 1
Level 1

‎06-13-2002 01:56 PM

The limit is on the 10 concurrent source IP addresses from your internal network , which means if you are running a web server it's going to use 1 ip all the time from the limitation.

but i think you need to notice to the two following facts :

1. the pix refresh the ip table (as a ip connection exery 30 sec)

2. the licese is for 10 ip addresses but the tcp Concurrent connections are 3500 , so you are going to be limited to a connection to your web server also.

i suggest that you need to use a pix 515 with a DMZ for your web server.

good luck

EYLON G

0 Helpful

runsheng-zhang
Level 1
Level 1

‎06-13-2002 06:07 PM

The 10 user license will only limit your outgoing connections. For connections from internet to your web server through the PIX, no license limitation.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card