Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
261
Views
0
Helpful
2
Replies

Standing up a Second Pix 525

stalljh
Level 1
Level 1

‎11-15-2004 07:58 AM - edited ‎02-20-2020 11:44 PM

We have a Pix 525 unrestricted and another 525 for the failover. Am looking at upgrading the keys for the failover to make it into an unrestricted PIX. I only have 1 route out and am wondering if having 2 Pix firewalls going to the same route out would make any sense. I know I could use one for VPN traffic etc. I am looking on the Cisco site for any configuration examples to see if pursuing the cost of upgrading and implementing another PIX would be an added security bonus or is not necessary.

Thanks.

0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎11-15-2004 03:00 PM

I really don't see any benefit to this. You'd be better off just leaving them in a failover setup and then you have a backup. If you use one purely for VPN access, if it has a hardware failure then all your VPN access is down. Similarly if the other one dies you lose all your Internet access. At least if they're in a failover situation if one dies you still have access for both Internet and VPN.

0 Helpful

tyagivijay
Level 1
Level 1

‎11-16-2004 12:22 AM

Hello ,

If you want the setup like this :--

LAN---PIX1---PIX2---Router---Internet

than although the other PIX can provide you more security , bu rather you can upgrade the Router IOS to Firewall enabled & Router can act as the First wall of protection.

Thanks

Vijay Tyagi

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card