I have a PIX 515 that a friend gave me. I was told by a salesman that it was a failover unit that won't work by itself. It shows that it is a PIX 515, 32 MB RAM, CPU Pentium 200 MHZ, Licensed options: failover: disabled, ipsec: disabled. The unit shows that it is v.4.4(7), but my main question is will this work as a standalone unit just fine, or do I need to get a "primary" unit to work with it. (It does have the word "failover" on the back next to the failover port) I don't need a failover configuration at this time. Thanks!
PIX boxes are turned into failover boxes by the existence of the failover cable. If its not plugged in, its a standalone firewall and will work fine. By the way your friend got any more PIXs laying around? :)
I had a similiar situation. When I tried to boot the failover box it would not boot and gave a message that it was a failover box and needed a primary PIX to work. I checked with Cisco and in fact if it is a failover box, it cannot work as a standalone system. I needed the primary PIX box. It should tell you this when you attempt to boot.
It turns out that the older code will allow the PIX to boot if it is indeed a FO unit. The problem is the PIX will re-boot every 24 hours or less. With th 6.0 code it wont even boot! Can't blame them as it cost much less that the real deal.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...