PIX 10 user limitation

amitjasani · ‎06-20-2002

Can I connect PIX 501 with 10 users license to a Network wih more than 10 PC and all accessing internet. But any time only 6-7 users will be surfing. If yes then I have a PIX which allows only the first 10 PC's which surf the net and the other PC's are denied access even if the previous PC are not using it anymore. Is there a way where I can clear the previous user if they are not surfing automatically after some time out.

t-mbuyi · ‎06-20-2002

why don't you setup a global (inside) to use it and once that exceeded users will go through the PAT.

global (inside) 1 66.xx.xx.10-66.xx.xx.19

global (inside) 1 66.xx.xx.20

hope this help

ncosmetic · ‎06-20-2002

I don't think licence limits can be broken but that way..

I just use microsoft nat (pat) solution on MS W2K server before puting traffic through PIX and PIX thinks that I have only one PC.

amitjasani · ‎06-21-2002

the License is for simultaneos 10 users so in that context it should work if I manually clear the tcp list it accepts the other connections but this should be done by itself if the PC is not accessing the internet.

edadios · ‎07-01-2002

on pic code 6.2 you can set a timeout parameter for the nat

see the command reference for 6.2 :

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/mr.htm#xtocid6 .

Regards,

m.mimouni · ‎07-02-2002

Hi

You can clear the xlate table with the command clear xlate or you can change the timeout of the xlate (by default it is set to 3 hours) with the command timeout xlate 0:05:00 (5 min per example)

Mohammed

Regards