Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
269
Views
0
Helpful
1
Replies

PIX 501 related

otnj2ee
Level 1
Level 1

‎10-11-2005 07:17 PM - edited ‎02-21-2020 12:27 AM

I would like to use the PIX 501 firewall for the following purposes, but not so sure if it can handle them:

1) support 3 interfaces: inside, outside, and a DMZ?

2) Remotely configure/maintain the firewall using command-line interface (CLI) via VPN?

3) What is the difference of Telnet over IPSec Versus VPN? Is this Telnet safe?

4) What is the console port for? and what is "out of band through a console port"?

and finally,

5) If this firewall is connected via a ADSL modem to the internet (supported by a ISP)and its IP address is dynamic. Now I want to connect two computers to the firewall, one to the DMZ, and another to the inside interface (both of these two computers' IP are private IP). When this LAN configuration is done, can both the computers access the internet?

(I know I can have one computer connected to the ADSL's modem and access the internet. I wonder with this firewall, if I can have two computers access the internet, without using a router?)

Thanks

Scott

0 Helpful
1 Reply 1

jmia
Level 7
Level 7

‎10-11-2005 10:10 PM

Scott -

1/ The 501 is NOT for DMZ, it has an outside interface and 4 switch ports, if you want DMZ you'll need PIX 515 and above for this. The 501 is known as a SOHO (Small Office Home Office) device and geared to this enviroment.

2/ Yes you can remotely manage your firewll via VPN and also SSH - which I use to manage our firewalls.

3/ Telnet to the outside interface of PIX is not allowed (not safe), better to use SSH or IPSec VPN.

4/ The console port is for administering/configuring the firewall, when using the console port you'll be on the CLI.

5/ Yes you can either connect your devices (up to 4) directly to the 501 switch port or use one of the switch ports to connect to a internal switch (say 24 port or 48 port or higher) and then plug your internal devices to this switch so that you can expand your internal devices. Please remember that the 501 has a limitation, in that you can either have 10 user licence or 50 or Unlimited user licence.

Also, as explained before the 501 is made for small offices so keep in mind the performace (throughput) will be affected.

If you are considering DMZ, then (as said above) you'll need PIX 515 or above!

Hope I've answered your questions.

Jay

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card