Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 501 License

For PIX 501, Cisco offers a Connection-based license: 10 or 100 users. What does this mean (e. g. for a 10 user license):

- a maximum of 10 xlates in the nat table?

- a maximum of 10 connections in the conn table?

If last one is true, one user might estabish 10 outbound connections (from one ip address). At this time, other users cannot establish any outboung connection?

Thanks

Edgar

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: PIX 501 License

A "user" is defined as follows:

- has sent or received traffic through the PIX in the last xlate timeout seconds (five minutes with the 501 default config).

- has a UDP or TCP connection

- has a NAT session

- has a user authentication session

It is certainly not the number of connections, but basically the number of unique internal IP addresses that have any number of connections through the PIX. The 501 will support up to around 26000 connections, but only 10 internal IP addresses could be using those.

You can do a "sho local-host" on the PIX to see all the current "users".

1 REPLY
Cisco Employee

Re: PIX 501 License

A "user" is defined as follows:

- has sent or received traffic through the PIX in the last xlate timeout seconds (five minutes with the 501 default config).

- has a UDP or TCP connection

- has a NAT session

- has a user authentication session

It is certainly not the number of connections, but basically the number of unique internal IP addresses that have any number of connections through the PIX. The 501 will support up to around 26000 connections, but only 10 internal IP addresses could be using those.

You can do a "sho local-host" on the PIX to see all the current "users".

284
Views
0
Helpful
1
Replies
CreatePlease login to create content