09-02-2012 11:44 PM - edited 03-11-2019 04:49 PM
I just purchased a 515e unit from a person that got done with CCNA stuff little did i know it was a failover unit. Is there anyway to knock out the failover part and make it a primary unit with no failover needed. Just using it as a personal home network firewall for now.
Solved! Go to Solution.
09-03-2012 06:53 AM
The license upgrade you are looking for is "PIX-515-SW-FO-UR=". But as you say it's end of sale, so I'm not sure if you can order ist anywhere.
You can sell your unit on ebay and buy a bottle of beer from that money (I dont think you get much more for this PIX) ...
09-03-2012 12:44 AM
Hi William,
I am not sure if you are talking about the license part. Even if the license says failover, you can still use it as a standalone device. What version on PIX are you using? You have to configure failover on the pix in order to use it, if you dont configure then you can use it as a standalone unit.
http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/failover.html#wp1055062
Hope that helps.
Thanks,
Varun Rao
Security Team,
Cisco TAC
09-03-2012 01:02 AM
If your PIX only has the FO-license (Failover only), then you can't use the PIX a a standalone device. In that case the PIX will restart at regular intervals because it is not intended to run standalone. Please post a "show version" to verify that.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
09-03-2012 06:34 AM
pixfirewall> show version
Cisco PIX Firewall Version 6.3(5)125
Cisco PIX Device Manager Version 3.0(4)
Compiled on Thu 01-Feb-07 15:13 by morlee
pixfirewall up 2 mins 14 secs
Hardware: PIX-515E, 512 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
Encryption hardware device : VAC+ (Crypto5823 revision 0x1)
0: ethernet0: address is 000d.bcd3.fac2, irq 10
1: ethernet1: address is 000d.bcd3.fac3, irq 11
2: ethernet2: address is 0002.b339.c045, irq 5
Licensed Features:
Failover: Enabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 6
Maximum Interfaces: 10
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Failover Only (FO) license.
Serial Number: 807390079 (0x301fcb7f)
Running Activation Key: 0x6e583f4e 0x372e71ad 0xedceb7fe 0x59a76725
Configuration has not been modified since last system restart.
pixfirewall>
It has a FO licence only I would like to change out the license but to my understanding this product is EOL meaning it's no longer supported but i was reading online that maybe the license can be changed out?
09-03-2012 06:53 AM
The license upgrade you are looking for is "PIX-515-SW-FO-UR=". But as you say it's end of sale, so I'm not sure if you can order ist anywhere.
You can sell your unit on ebay and buy a bottle of beer from that money (I dont think you get much more for this PIX) ...
09-03-2012 07:01 AM
Well the PIX certainly is EOL, but its not end of support yet, but still I would recommend you to go to the latest PIX code, which is 8.0.3.
You can contcat the licensing team on licensing@cisco.com , if you have a valid support contract, they might help you with the license.
Thanks,
Varun Rao
Security Team,
Cisco TAC
09-03-2012 07:04 AM
I do not have a support contract, So i guess i will just toss this unit in the good ole trash and call it a day. Chalk it up to a few dollars lost and pay better attention next time. Thanks for the assistance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide