Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
825
Views
0
Helpful
2
Replies

Cisco PIX 515E

sshrestha
Level 1
Level 1

‎09-16-2004 09:57 PM

Dear All,

I have one Cisco PIX Firewall 515E with Unrestricted Bundle (PIX-515E-UR-BUN) having VAC Card installed. Now I need this Firewall to be used as VPN Server supporting 3DES algorithm & need to support upto 50 VPN clients from differnt remote sites.

As I look into PIX Firewall's sh ver it shows:

pixfirewall# sh ver

Cisco PIX Firewall Version 6.3(1)

Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 19-Mar-03 11:49 by morlee

pixfirewall up xxx hours xxx min

Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz

Flash E28F128J3 @ 0x300, 16MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : Crypto5823 (revision 0x1)

0: ethernet0: address is 000f.24e9.c466, irq 10

1: ethernet1: address is 000f.24e9.c467, irq 11

2: ethernet2: address is 0005.5d19.6d0c, irq 11

3: ethernet3: address is 0005.5d19.6d0d, irq 10

4: ethernet4: address is 0005.5d19.6d0e, irq 9

5: ethernet5: address is 0005.5d19.6d0f, irq 5

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Disabled

Maximum Interfaces: 6

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has an Unrestricted (UR) license.

It shows that:

VPN-3DES-AES: Disabled

1. To make 3DES enable, will it be OK if only add licencse ie:?

PIX-515-VPN-3DES (PIX 515/515E 168-bit 3DES VPN feature license)

Or

we need to change the VAC card to VAC+?

2. Also for Unrestricted bundle do we need to add license for to have access 50 VPN clients from remote? If yes then is it Ok if we add additional cost for license ie:

VPN-SW-3DES-100= (VPN Client (up to)100-user 3DES license)?

3. At Remote end also we need to provide VPN Client software right? Shall we use VPN Client Software:

CVPN-CLNT-36-K9= (Rel 3.6 Cisco VPN Client)?

Appreciate if someone help me on this.

Thanks

Suresh

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎09-19-2004 05:24 PM

1. Go here (https://www.cisco.com//cgi-bin/Software/FormManager/formgenerator.pl?pid=221&fid=1283) and apply for a 3DES key, it's free and you can just apply it to enable 3DES. You don't need ot upgrade your VAC card, it'll work fine with 3DES.

2. You don't need this on a UR 515E, it'll handle 50 client connections easily.

3. The latest SW version is 4.6, you can download it from here (http://www.cisco.com/cgi-bin/tablebuild.pl/vpnclient-3des) if you have a software contract. v3.6 is very old nowadays and I would not recommend rolling out a new deployment with it.

0 Helpful

sorensens
Level 1
Level 1

‎10-04-2004 01:59 PM

FYI:

For the encryption hardware device, "Crypto5823" is the VAC+ and "IRE2141" is the VAC. So you don't need to upgrade the hardware at all. :)

0 Helpful
Customers Also Viewed These Support Documents