cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
534
Views
0
Helpful
7
Replies

PIX 525 / full throughput ? help please

madonamadona
Level 1
Level 1

Dear all,

 

I started in a new company and they have 2 x PIX 525 (fail over scenario).

The company had a link speed of 100 Mbps and now they upgraded to 1 Gbps, there is a plan to replace the PIX’s with ASA 5550.

But now I have to use the PIX’s but need to use as much as possible of the bandwidth (using the complete throughput of about 330 Mbps).

Both Pix’s have the standard interfaces (2x Ethernet /0/1 and 2x Gigabit 0/1).

The config of the interfaces is as follows:

Eth 0 : outside

Eth 1 :Sync

Gig 0 : management

Gig 1 : failover

I have 2 x Cisco PIX-1GE-66 PIX Firewall 66 Ethernet cards and would like to add them to both Pix’s (if they help to get the full throughput).

Now, what is the best config to achieve this? Which interface of the above 4 should I connect to the new 1GE card? Or what’s the best to do to get the full throughput?

I need to finish this within 1-2 days.

I would appreciate any help.

 

Thanks in advance

 

Madonamadona

7 Replies 7

nkarthikeyan
Level 7
Level 7

Hi Madona,

As per my knowledge you can split the interface & traffic based on the load. Obviously Inside Segment & Outside segment will have the more load than the other. You can split that in to two different cards ( PCI Bus) so that you can gain the maximum throughput. This will prevent you from getting the overrun / under run error and cpu utilization issues.
 

HTH

 

Regards

Karthik

 

Due to overhead on the packets you will never get the full throughput that is advertised with the device...just so that is clear.

Other than that, I would agree with what Karthik has suggested and split the traffic between the two cards (for inside and outside traffic).

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

Many thanks to you all, will give it  a try and then report back.

 

Thanks again

 

Madonamadona

madonamadona
Level 1
Level 1
Many thanks for your reply, you are a star. Will try it. I am new in firewalling and I didn't configure the existing fws. Which port is the inside one do you think? As it's not described in the config. many thanks madonamadona

Hi Madona,

I guess management would be your inside interface. You can get to know that the interface which connects to your LAN would be the inside. That i cannot assure you. You can check the interface which connects to your LAN and find it out.

 

HTH

 

Regards

Karthik

Many thanks to you all, will give it  a try and then report back.

 

Thanks again

 

Madonamadona

The interface name should be in the configuration but it will not be under the interface sub-commands. If you want help identifying it please post your full running config (sanitised).
--
Please remember to select a correct answer and rate helpful posts
Review Cisco Networking for a $25 gift card