Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
823
Views
0
Helpful
7
Replies

Pix Inside host limit.

sayeed
Level 1
Level 1

‎05-10-2003 09:10 PM - edited ‎02-20-2020 10:44 PM

One of our customer has pix 501 with 10 license, in sh ver command inside host is 10 and throughput is limited. They had only 5 users, now they have increased to 20 users.

Randomly some times, for some users internet does not work and then starts working after sometime.

Does it have something to do with licenses, do I have to upgrade to 50 licenses.

Thanks,

Sayeed Alhajri.

0 Helpful
7 Replies 7

devam
Level 1
Level 1

‎05-10-2003 10:29 PM

Hi Sayeed,

If you have 10-User License, it supports up to ten concurrent source IP addresses from your internal network to traverse through the PIX 501. The integrated DHCP server supports up to 32 DHCP leases.

So, it is clear from above lines is that if the there are more than 10 people accessing the internet through the PIX 501 firewall will be dropped. To increase no of simultaneous connections I suggest you to buy license. Here you need to take a call, if you feel that 10 or less than that access Internet simultaneously, no need of purchasing licenses.

If you need more information, let me know.

Thank you.

Murthy.

0 Helpful

mcoulibaly
Level 1
Level 1
In response to devam

‎05-14-2003 01:02 AM

I have the same problem but with a PIX 515. What is the possible cause ?

0 Helpful

sayeed
Level 1
Level 1
In response to mcoulibaly

‎05-14-2003 05:31 AM

It is the limit by CISCO.

0 Helpful

mcoulibaly
Level 1
Level 1
In response to sayeed

‎05-14-2003 09:21 AM

I don't understand what is the meaning of "Limit by CISCO"

0 Helpful

sampathsr
Level 1
Level 1
In response to mcoulibaly

‎05-20-2003 07:02 PM

it just means - you are getting what you paid for...

if you need more users to go to the Internet (make 'outside' connections), then you have to upgrade the number of users' license...

sometimes even when the 10th person (the previous example) is trying to make an outside connection, he may not succeed..this is because the current xlate sessions have not timed out..

if that 10th person is your boss, you can do a 'clear xlate' to clear all current connections and start new connections...

hope this helps

best regards / Sampath.

0 Helpful

wolfrikk
Level 3
Level 3

‎07-15-2003 05:38 AM

The best option would be to upgrade your license to 50 users. The only other option would be to reduce your connection timeout to allow the PIX to clear idle connections quicker, but you would still be bound to the 10 ip connections, so your problems will not go away entirely.

0 Helpful

rahil.patel
Level 1
Level 1

‎02-06-2004 03:12 PM

You can setup your xlate & connection timeouts to a minimum - doing so will enable efficient use of your licensing as it will clear multiple connections from a single user that are idle more frequently. You might have to buy additional licensing in future if everybody is using multiple external connections.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card