Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
664
Views
0
Helpful
7
Replies

PIX 525 / full throughput ? help please

madonamadona
Level 1
Level 1

‎06-17-2014 04:34 PM - edited ‎03-11-2019 09:20 PM

Dear all,

 

I started in a new company and they have 2 x PIX 525 (fail over scenario).

The company had a link speed of 100 Mbps and now they upgraded to 1 Gbps, there is a plan to replace the PIX’s with ASA 5550.

But now I have to use the PIX’s but need to use as much as possible of the bandwidth (using the complete throughput of about 330 Mbps).

Both Pix’s have the standard interfaces (2x Ethernet /0/1 and 2x Gigabit 0/1).

The config of the interfaces is as follows:

Eth 0 : outside

Eth 1 :Sync

Gig 0 : management

Gig 1 : failover

I have 2 x Cisco PIX-1GE-66 PIX Firewall 66 Ethernet cards and would like to add them to both Pix’s (if they help to get the full throughput).

Now, what is the best config to achieve this? Which interface of the above 4 should I connect to the new 1GE card? Or what’s the best to do to get the full throughput?

I need to finish this within 1-2 days.

I would appreciate any help.

 

Thanks in advance

 

Madonamadona

Labels:
0 Helpful
7 Replies 7

nkarthikeyan
Level 7
Level 7

‎06-17-2014 11:33 PM

Hi Madona,

As per my knowledge you can split the interface & traffic based on the load. Obviously Inside Segment & Outside segment will have the more load than the other. You can split that in to two different cards ( PCI Bus) so that you can gain the maximum throughput. This will prevent you from getting the overrun / under run error and cpu utilization issues.
 

HTH

 

Regards

Karthik

 

0 Helpful

Marius Gunnerud
VIP
VIP
In response to nkarthikeyan

‎06-18-2014 12:38 AM

Due to overhead on the packets you will never get the full throughput that is advertised with the device...just so that is clear.

Other than that, I would agree with what Karthik has suggested and split the traffic between the two cards (for inside and outside traffic).

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

madonamadona
Level 1
Level 1
In response to nkarthikeyan

‎06-18-2014 11:09 AM

Many thanks to you all, will give it  a try and then report back.

 

Thanks again

 

Madonamadona

0 Helpful

madonamadona
Level 1
Level 1

‎06-18-2014 12:28 AM

Many thanks for your reply, you are a star. Will try it. I am new in firewalling and I didn't configure the existing fws. Which port is the inside one do you think? As it's not described in the config. many thanks madonamadona
0 Helpful

nkarthikeyan
Level 7
Level 7
In response to madonamadona

‎06-18-2014 12:36 AM

Hi Madona,

I guess management would be your inside interface. You can get to know that the interface which connects to your LAN would be the inside. That i cannot assure you. You can check the interface which connects to your LAN and find it out.

 

HTH

 

Regards

Karthik

0 Helpful

madonamadona
Level 1
Level 1
In response to madonamadona

‎06-18-2014 11:08 AM

Many thanks to you all, will give it  a try and then report back.

 

Thanks again

 

Madonamadona

0 Helpful

Marius Gunnerud
VIP
VIP
In response to madonamadona

‎06-18-2014 11:15 AM

The interface name should be in the configuration but it will not be under the interface sub-commands. If you want help identifying it please post your full running config (sanitised).
--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card