quick cisco pix question

Discussion in 'Networking & Security' started by PHUNBALL, Jun 13, 2006.

  1. PHUNBALL

    PHUNBALL Gawd

    Messages:
    743
    Joined:
    Sep 28, 2001
  2. TheDude05

    TheDude05 Limp Gawd

    Messages:
    393
    Joined:
    Jan 27, 2005
    Can they static route? Wanting to use a pix501 on a small network to replace an old 10megabit cisco 1602 router and cheap d-link firewall. Doesn't need anything else besides static routing
     
  3. TheDude05

    TheDude05 Limp Gawd

    Messages:
    393
    Joined:
    Jan 27, 2005
    ok I have another question. The install guide for this thing acts like it will only allow up to 10 inside active hosts to "use" it. Is this in relation to the vpn tunnels or all network traffic? From the sounds of it it means any traffic but I want to double check. I was really wanting to change out our old equipment

    This is the guide im reading

    http://www.cisco.com/application/pd...ps2030/c1616/ccmigration_09186a008017da02.pdf

    Active Host Limitation
    The PIX 501 supports up to 10 active hosts on the inside network, or 50 active hosts on the inside
    network if the optional 50-User License has been purchased. A host is considered active when any of
    the following statements are true:
    • The host has passed traffic through the PIX Firewall in the last 30 seconds
    • The host has an established NAT/PAT translation through the PIX Firewall
    • The host has an established TCP connection or UDP session through the PIX Firewall
    • The host has an established user authentication through the PIX Firewall
    Refer to the System Properties>Timeout online help within PDM for the default inactivity timeout
    values associated with each of the preceding bulleted items.
     
  4. PHUNBALL

    PHUNBALL Gawd

    Messages:
    743
    Joined:
    Sep 28, 2001
    You read it correctly. Unless you purchase the 50 host license then 10 is your limit. The 501 is a pretty small device so it's not going to do a whole lot...
     
  5. Boscoh

    Boscoh [H]ard|Gawd

    Messages:
    1,159
    Joined:
    Nov 25, 2003
    It is all traffic. A host is a host is a host. VPN traffic or regular network traffic will meet at least one of those conditions.