PIX 515 Interface Limit

casola · ‎01-20-2005

I wonder how many interfaces does my pix support.

It says 3 in show version, but I dont know if it's 515-R or 515-UR (UR support 6 ifs)

This is my show ver

Cisco PIX Firewall Version 6.1(1)

Compiled on Tue 11-Sep-01 07:45 by morlee

latin3.fw up 14 hours 48 mins

Hardware: PIX-515, 32 MB RAM, CPU Pentium 200 MHz

Flash i28F640J5 @ 0x300, 16MB

BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0003.e300.4834, irq 11

1: ethernet1: address is 0003.e300.4835, irq 10

2: ethernet2: address is 00e0.b601.7a72, irq 7

Licensed Features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES: Enabled

Maximum Interfaces: 3

Cut-through Proxy: Enabled

Guards: Enabled

Websense: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

ISAKMP peers: Unlimited

sachinraja · ‎01-20-2005

Hi casola

The restricted version of PIX 515 supports only 3 interfaces. the UR license supports 6 interfaces, as said by you. You can know if it is a UR or R by the show version command.

See the last few lines of the command. it will tell u if you have a Restricted or UR software. Anyway, if you have a 4 FE dmz card and only one is recognised, it can be due to the fact that you have a restricted one. Just copy & paste the full "show version" output to us.

for more information about licensing you can refer to :

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html#wp51656

hope this helps.. all the best..

Raj

casola · ‎01-20-2005

This is my full show version. As you can see, did not say if its R or UR, that's what id tried to see before.

It's possible to get a license to enable my other 3 interfaces? (i have 4fe dmz card)

I thought that should be included with the card at buytime.

latin3.fw# show ver

Cisco PIX Firewall Version 6.1(1)

Compiled on Tue 11-Sep-01 07:45 by morlee

latin3.fw up 4 hours 26 mins

Hardware: PIX-515, 32 MB RAM, CPU Pentium 200 MHz

Flash i28F640J5 @ 0x300, 16MB

BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0003.e300.4834, irq 11

1: ethernet1: address is 0003.e300.4835, irq 10

2: ethernet2: address is 00e0.b601.7a72, irq 7

Licensed Features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES: Enabled

Maximum Interfaces: 3

Cut-through Proxy: Enabled

Guards: Enabled

Websense: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

ISAKMP peers: Unlimited

Serial Number: xxxx

Activation Key: xxxx

latin3.fw#

cheffner · ‎01-20-2005

You have the Restricted version which is easy to tell since the Failover feature is Disabled in your show version output. As for upgrading the license from Restricted to UnRestricted that is possible but at an additional cost. I believe the retail is around $2000-$3000 upgrade so might not be worth it unless you need the additonal physical interfaces and/or the failover feature or additional ram requirements. 32 mb ram in Restricted and 64 mb of ram in Unrestricted. FYI - If you just need additional interfaces (not physcial) you could also create additional interfaces using DOT1Q and Trunking.

Hope this helps.

Christopher M. Heffner, CCIE 8211, CCSI 98760