03-17-2004 01:51 PM - edited 02-20-2020 11:18 PM
On the PIX 515 when I do sh crypto engine ,it shows
Crypto Engine Connection Map:
size = 32, free = 11, used = 20, active = 20
I checked the command refernce but could not understand anything.
What does SIZE,FREE,USED,ACTIVE denote.
Does it mean that if I used the 11 free tunnels,I would not be able to add new peers on my PIX?
When I do sh tech,I see that the IPSec peers : Unlimited
03-23-2004 11:01 AM
I don't think this has anything to do with the maximum number of tunnels your PIX cn handle. With referenec to the meaning of the fields, this is what I got:
Size - The map size of the crypto engine. The map size will exponentially double if the number of IPSec tunnels outgrows the map size.
Ffree - The number of free connection entries in the map.
Used - The number of allocated connection entries in the map.
Active - The number of connection entries that is able to cryptographically protect IPSec traffic.
03-26-2004 09:40 PM
I can tell you that I have read somewhere in the documentation on a PIX 515e that there is no limit to the sessions, within reason, only in reguards to preformance issues. But the device is not limited. That was one of the reason's I decided on the PIX 515. As far as what the SIZE,FREE,??USED,ACTIVE means I could not answer you there.
Hope that helps,
joshl
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide