[TriLUG] Cisco PIX 515

Steve Hoffman srhoffman at gmail.com
Tue Mar 8 12:59:34 EST 2005


OK, can somebody please explain to me why Cisco makes it so hard to
get software upgrades?  I have no desire to purchase $3500 worth of
hardware to get a simple software update that cisco swears is
available from any "partner".  Yet I call all their partners with the
cisco part number and they tell me it doesn't exist...that I need the
515E...

Can anybody get their hands on SF-PIX-515-6.3 or know how I can
legally get it?  We have the restricted version (so no failover) if
that helps.  We're not averse to paying for it, but in time alone I've
probably pissed away the cost to purchase.


Thanks,
Steve


On Wed, 2 Mar 2005 09:04:02 -0500, Ryan Leathers
<Ryan.Leathers at globalknowledge.com> wrote:
> yeeeesh! now hanging my head in shame in accordance with Jon's wishes :(
> 
> 
> -----Original Message-----
> From: Jon Carnes [mailto:jonc at nc.rr.com]
> Sent: Tuesday, March 01, 2005 10:54 PM
> To: Triangle Linux Users Group discussion list
> Subject: Re: [TriLUG] Cisco PIX 515
> 
> In a word Steve, you are hosed. Do yourself a favor and spend $60 on a
> Linksys firewall - put that in parallel with your Pix and never tell
> your boss...
> 
> Seriously, do you have an old spare computer laying around that works
> but is too old to be a workstation?  If yes, you are in luck. Install
> OpenBSD on that sucker and then simply follow the examples (in the man
> pages) for allowing PPTP to pass through. OpenBSD is a real firewall and
> far superior to any PIX.
> 
> I love Cisco. I hate the PIX. It's a piece of garbage and I wish folks
> would use them for something more appropriate like a door-stop or small
> boat anchor. Even a low end PIX costs as much as a nice PC, and you have
> to contend with <gasp> user licensing.... I would hang my head in shame
> if I ever owned a PIX firewall.
> 
> And that is the straight dope from,
> 
> Jon Carnes
> 
> On Tue, 2005-03-01 at 17:00, Steve Hoffman wrote:
> > I have a cisco PIX 515 firewall running OS 6.0.  I'm trying to get it
> > to allow PPTP pass through, but am coming up empty.  I'm connecting to
> > a Windows VPN which I can't change, although I was first trying to
> > connect with pptpclient for linux so this is On Topic!  That kept
> > failing so I tried to connect from a win box and got the same results.
> >  I'm almost positive the PIX is to blame as there is no error on the
> > VPN server (in fact, no indication a connection was even made)  but I
> > am able to connect fine from inside the network using the same
> > pptpclient config on a different machine, but that's pretty much
> > useless to me as I want to connect from home.
> >
> > Does anyone know how to configure that?  From all I've read on the
> > net, I need a newer version of the OS, but haven't been able to find
> > it anywhere.  I'm hoping someone just knows how to enable the
> > passthrough as trying to purchase OS upgrades from Cisco has always
> > been a nightmare.  I've opened up port 1723 on the pix and can telnet
> > to it fine, not that I know what to type once I get to the prompt.
> >
> > Any suggestions welcome and greatly appreciated!
> >
> >
> > Thanks,
> > Steve
> 
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>



More information about the TriLUG mailing list