Pix Firewall Vpn Accelerator Card; Installing Failover - Cisco PIX 501 Hardware Installation Manual

Pix series

Hide thumbs Also See for PIX 501:

Quick start manual (21 pages)

User and installation manual (156 pages)

Datasheet (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

page of 140

/ 140
Contents
Table of Contents
Bookmarks

Table of Contents

Installing Failover

PIX Firewall VPN Accelerator Card

The VPN Accelerator Card (VAC) for the Cisco PIX Firewall series is a card that provides high-performance,

tunneling and encryption services suitable for site-to-site and remote access applications. The VAC is

integrated with PIX 525 unrestricted (UR) and failover (FO) bundles. You can also purchase the VAC as a

spare for use with PIX 525 units that have a restricted (R) license.

PIX Firewall VPN Accelerator Card+

PIX Firewall Version 6.3 adds support for the VPN Accelerator Card+ (VAC+) . The VAC+ is a

64-bit/66 MHz PCI card, that provides faster tunneling and encryption services for Virtual Private

Network (VPN) remote access, site-to-site intranet and extranet applications than the VAC. Each VAC+

card occupies a single PCI slot in the system. The VAC+ is supported on any chassis that runs Version

6.3 software, has an appropriate license to run VPN software, and at least one PCI slot available. While

the VAC continues to be supported in Version 6.3, if both types of cards, the VAC and the VAC+, are

installed in a system running Version 6.3, the VAC card is ignored. The VAC+ is a 64-bit/66 MHz PCI

card, that runs at both 32-bit/33 MHz, as well as 64-bit/66 MHz, and does not slow down the bus when

other 66 MHz cards are installed. It is strongly recommended that the VAC+ be installed in a 64bit/66 MHz

slot. Performance will be degraded if this recommendation is not followed.

The 6.3 VAC+ driver supports the following:

•

Installing Failover

Complete these steps to install a failover connection:

Step 1

Power off both the primary and secondary units.

Note

Step 2

Locate the failover cable (shown in

unit. The cable is labeled Primary on one end and Secondary on the other.

Install the cable for the PIX 525 as shown in

Cisco PIX Firewall Hardware Installation Guide

6-6

3DES, DES, AES, SHA1, MD5 for (IPSec) ESP protocol (For AES, only the CBC mode and key

sizes of 128, 192, and 256 bits are supported).

SHA1, MD5 for the (IPSec) AH protocol.

Load sharing ESP and AH activity between up to three VAC+ cards.

Diffie Hellman public key and shared secret generation.

Any other crypto-related activity uses a software implementation.

Both PIX Firewall units has to be the same model number, have at least as much RAM, have the

same Flash memory size, and be running the same software version.

Figure

6-6). This cable is shipped separately from the PIX Firewall

Figure

6-6.

Chapter 6

PIX 525

78-15170-01

Table of Contents

Show Quick Links

Quick Links:
Pix 501 Product Overview

Hide quick links:

Table of Contents

This manual is also suitable for:

Pix 506e Pix 506 Pix 520 Pix 535 Pix 515 Pix 515e ... Show all

Pix Firewall Vpn Accelerator Card; Installing Failover - Cisco PIX 501 Hardware Installation Manual

Installing Failover

PIX Firewall VPN Accelerator Card

Hide quick links:

Related Manuals for Cisco PIX 501

Related Content for Cisco PIX 501

This manual is also suitable for:

Table of Contents