cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1614
Views
0
Helpful
6
Replies

Pix 515e Failover

wildturk79
Level 1
Level 1

I just purchased a 515e unit from a person that got done with CCNA stuff little did i know it was a failover unit. Is there anyway to knock out the failover part and make it a primary unit with no failover needed. Just using it as a personal home network firewall for now.

1 Accepted Solution

Accepted Solutions

The license upgrade you are looking for is "PIX-515-SW-FO-UR=". But as you say it's end of sale, so I'm not sure if you can order ist anywhere.

You can sell your unit on ebay and buy a bottle of beer from that money (I dont think you get much more for this PIX) ...

View solution in original post

6 Replies 6

varrao
Level 10
Level 10

Hi William,

I am not sure if you are talking about the license part. Even if the license says failover, you can still use it as a standalone device.  What version on PIX are you using? You have to configure failover on the pix in order to use it, if you dont configure then you can use it as a standalone unit.

http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/failover.html#wp1055062

Hope that helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

If your PIX only has the FO-license (Failover only), then you can't use the PIX a a standalone device. In that case the PIX will restart at regular intervals because it is not intended to run standalone. Please post a "show version" to verify that.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

wildturk79
Level 1
Level 1

pixfirewall> show version

Cisco PIX Firewall Version 6.3(5)125

Cisco PIX Device Manager Version 3.0(4)

Compiled on Thu 01-Feb-07 15:13 by morlee

pixfirewall up 2 mins 14 secs

Hardware:   PIX-515E, 512 MB RAM, CPU Pentium II 433 MHz

Flash E28F128J3 @ 0x300, 16MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : VAC+ (Crypto5823 revision 0x1)

0: ethernet0: address is 000d.bcd3.fac2, irq 10

1: ethernet1: address is 000d.bcd3.fac3, irq 11

2: ethernet2: address is 0002.b339.c045, irq 5

Licensed Features:

Failover:                    Enabled

VPN-DES:                     Enabled

VPN-3DES-AES:                Enabled

Maximum Physical Interfaces: 6

Maximum Interfaces:          10

Cut-through Proxy:           Enabled

Guards:                      Enabled

URL-filtering:               Enabled

Inside Hosts:                Unlimited

Throughput:                  Unlimited

IKE peers:                   Unlimited

This PIX has a Failover Only (FO) license.

Serial Number: 807390079 (0x301fcb7f)

Running Activation Key: 0x6e583f4e 0x372e71ad 0xedceb7fe 0x59a76725

Configuration has not been modified since last system restart.

pixfirewall>

It has a FO licence only I would like to change out the license but to my understanding this product is EOL meaning it's no longer supported but i was reading online that maybe the license can be changed out?

The license upgrade you are looking for is "PIX-515-SW-FO-UR=". But as you say it's end of sale, so I'm not sure if you can order ist anywhere.

You can sell your unit on ebay and buy a bottle of beer from that money (I dont think you get much more for this PIX) ...

Well the PIX certainly is EOL, but its not end of support yet, but still I would recommend you to go to the latest PIX code, which is 8.0.3.

You can contcat the licensing team on licensing@cisco.com , if you have a valid support contract, they might help you with the license.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

I do not have a support contract, So i guess i will just toss  this unit in the good ole trash and call it a day. Chalk it up to a few dollars lost and pay better attention next time. Thanks for the assistance.

Review Cisco Networking for a $25 gift card