Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Pix Inside host limit.

One of our customer has pix 501 with 10 license, in sh ver command inside host is 10 and throughput is limited. They had only 5 users, now they have increased to 20 users.

Randomly some times, for some users internet does not work and then starts working after sometime.

Does it have something to do with licenses, do I have to upgrade to 50 licenses.

Thanks,

Sayeed Alhajri.

7 REPLIES
Community Member

Re: Pix Inside host limit.

Hi Sayeed,

If you have 10-User License, it supports up to ten concurrent source IP addresses from your internal network to traverse through the PIX 501. The integrated DHCP server supports up to 32 DHCP leases.

So, it is clear from above lines is that if the there are more than 10 people accessing the internet through the PIX 501 firewall will be dropped. To increase no of simultaneous connections I suggest you to buy license. Here you need to take a call, if you feel that 10 or less than that access Internet simultaneously, no need of purchasing licenses.

If you need more information, let me know.

Thank you.

Murthy.

Community Member

Re: Pix Inside host limit.

I have the same problem but with a PIX 515. What is the possible cause ?

Community Member

Re: Pix Inside host limit.

It is the limit by CISCO.

Community Member

Re: Pix Inside host limit.

I don't understand what is the meaning of "Limit by CISCO"

Community Member

Re: Pix Inside host limit.

it just means - you are getting what you paid for...

if you need more users to go to the Internet (make 'outside' connections), then you have to upgrade the number of users' license...

sometimes even when the 10th person (the previous example) is trying to make an outside connection, he may not succeed..this is because the current xlate sessions have not timed out..

if that 10th person is your boss, you can do a 'clear xlate' to clear all current connections and start new connections...

hope this helps

best regards / Sampath.

Community Member

Re: Pix Inside host limit.

The best option would be to upgrade your license to 50 users. The only other option would be to reduce your connection timeout to allow the PIX to clear idle connections quicker, but you would still be bound to the 10 ip connections, so your problems will not go away entirely.

Community Member

Re: Pix Inside host limit.

You can setup your xlate & connection timeouts to a minimum - doing so will enable efficient use of your licensing as it will clear multiple connections from a single user that are idle more frequently. You might have to buy additional licensing in future if everybody is using multiple external connections.

312
Views
0
Helpful
7
Replies
CreatePlease to create content