Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
213
Views
0
Helpful
2
Replies

pix 515 question

b-mackey
Level 1
Level 1

‎03-17-2004 01:51 PM - edited ‎02-20-2020 11:18 PM

On the PIX 515 when I do sh crypto engine ,it shows

Crypto Engine Connection Map:

size = 32, free = 11, used = 20, active = 20

I checked the command refernce but could not understand anything.

What does SIZE,FREE,USED,ACTIVE denote.

Does it mean that if I used the 11 free tunnels,I would not be able to add new peers on my PIX?

When I do sh tech,I see that the IPSec peers : Unlimited

0 Helpful
2 Replies 2

drolemc
Level 6
Level 6

‎03-23-2004 11:01 AM

I don't think this has anything to do with the maximum number of tunnels your PIX cn handle. With referenec to the meaning of the fields, this is what I got:

Size - The map size of the crypto engine. The map size will exponentially double if the number of IPSec tunnels outgrows the map size.

Ffree - The number of free connection entries in the map.

Used - The number of allocated connection entries in the map.

Active - The number of connection entries that is able to cryptographically protect IPSec traffic.

0 Helpful

Not applicable

‎03-26-2004 09:40 PM

I can tell you that I have read somewhere in the documentation on a PIX 515e that there is no limit to the sessions, within reason, only in reguards to preformance issues. But the device is not limited. That was one of the reason's I decided on the PIX 515. As far as what the SIZE,FREE,??USED,ACTIVE means I could not answer you there.

Hope that helps,

joshl

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card