Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1229
Views
0
Helpful
20
Replies

PIX 525 Multiple Outside Interface

Go to solution
Rajeevan Chaladan
Level 1
Level 1

‎10-17-2012 01:11 AM - edited ‎03-11-2019 05:10 PM

Hi all ,

We are in the process of adding second isp for webhosting purposes .Is there any issue if we are making outside 2 interface on the pix .i need to host some websites through this new link ie isp2 .i had seen lot of suggestions in the forums .I need to confirm and ask some valuable doubts on the suggestions .

PIX Version 7.0(7)

Labels:
0 Helpful
20 Replies 20

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Rajeevan Chaladan

‎10-22-2012 01:00 AM

You can grab the output of "show conn" during peak hours (once every 15 minutes) to check what is the maximum connections, but from the above output, it seems that the maximum connections does not exceed 30,000 connections.

You should be able to replace PIX525 with ASA5525-X, and still get a better specification than the existing PIX525.

Here is the datasheet for PIX525:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5709/ps2030/ps2118/product_data_sheet09186a0080091b09.html

and you can compare it with the ASA5525-X from the above advised URL.

Oh, do you have a requirement for VPN, as PIX525 supports 2000 IPSec VPN tunnels, but ASA5525-X only supports 750 IPsec VPN (but it also supports AnyConnect SSL VPN, and IPS)

0 Helpful

Go to solution
Rajeevan Chaladan
Level 1
Level 1
In response to Jennifer Halim

‎10-22-2012 05:13 AM

Hi halim ,

Thank you for giving me the continous support .

I have a separate box for vpn connectivity .But it is pix 515e.Once i replaced the pix 525 with a new model .I can use the pix 525  for vpn purposes .So the vpn  issue can solve . But my issue is about the throughput of new firewall. I will summarize the peak utilzation of the pix interfaces .

Interface Name         In                   Out

Interface1                   55 Mbps         10 Mbps

Interface2                  12 Mbps           20 Mbps

Intreface3                  80 Mbps          35 Mbps

Intreface4                  18  Mbps         70 Mbps

Intreface5                  350 kbps          400 kbps

Intreface6                  400 kbps          3 Mbps

Interface7failover        0                     3.5 Mbps

Do u have any suggestion for the throughput for my new asa .

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Rajeevan Chaladan

‎10-23-2012 03:50 AM

With that throughput, I would suggest the ASA5525-X as that supports maximum of 600 Mbps, which is more than enough for your current throughput utilization.

0 Helpful

Go to solution
Rajeevan Chaladan
Level 1
Level 1
In response to Jennifer Halim

‎10-23-2012 04:14 AM

Hi jennifer,

       Thank you for the update The data sheet firewall throughput is showing  2 Gbps . Firewall + IPS Services is 600 Mbps. That a good choice .Is there any issue if we using the ips with firewall .You have any link how we can use ips features in asa x series .

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Rajeevan Chaladan

‎10-23-2012 05:19 AM

Here we go, the configuration guide for IPS feature on the ASA-X series:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/modules_ips.html#wp1266836

0 Helpful

Go to solution
Rajeevan Chaladan
Level 1
Level 1
In response to Jennifer Halim

‎10-23-2012 03:22 AM

Hi jennifer,

         Any update on the suggestion .

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card