PIX 501 for home use?
in [Cisco]
|
Prev: Cisco PIX 515E Configuration
Next: Pix 501 VPN
From: Doug McIntyre on 12 Jan 2010 16:00 Davej <galt_57(a)hotmail.com> writes: >On Jan 11, 10:50=A0pm, Doug McIntyre <mer...(a)geeks.org> wrote: >> Davej <galt...(a)hotmail.com> writes: >> >I just want something very reliable. I don't really need much >> >performance. >> >> I've had fortigate/Netscreen/Juniper/Cisco uptime all measured in >> years. They all just keep going until I need to do a software update >> or whatever. >Well, a lot of used units I see for sale look like the result of >bankruptcy liquidations. Often they don't even have the power supply. >I would worry that the admin password would be locked. Power supply is the bigger issue. Password recovery on all three vendors I mention above is somewhat easy. Netscreen/SSG enter the serial # for both username/password on the console port. PIX requires you to download the password recovery from CCO (or somebody you know that has access), and netboot off that image and it'll wipe the password. Fortigate is simular to the Netscreen, login on the console port with 'maintainer' & 'bcpb<HW SERIAL NUM>'. There's one other pattern for older Fortigate, but you can google those.
From: Davej on 12 Jan 2010 18:15 On Jan 12, 3:00 pm, Doug McIntyre <mer...(a)geeks.org> wrote: > Davej <galt...(a)hotmail.com> writes: > >On Jan 11, Doug McIntyre <mer...(a)geeks.org> wrote: > >> Davej <galt...(a)hotmail.com> writes: > >> >I just want something very reliable. I don't really need much > >> >performance. > > >> I've had fortigate/Netscreen/Juniper/Cisco uptime all measured in > >> years. They all just keep going until I need to do a software update > >> or whatever. > > >Well, a lot of used units I see for sale look like the result of > >bankruptcy liquidations. Often they don't even have the power supply. > >I would worry that the admin password would be locked. > > Power supply is the bigger issue. > Password recovery on all three vendors I mention above is somewhat easy. > Well, in that case it looks like it would be easy to pick up something like a Netscreen 5GT for around $60 or less.
From: Doug McIntyre on 13 Jan 2010 12:42 Davej <galt_57(a)hotmail.com> writes: >Well, in that case it looks like it would be easy to pick up something >like a Netscreen 5GT for around $60 or less. Sure, those boxes worked well, they are everywhere, I still have a few in production. The GUI is okay, a few browsers choke on it. No new software updates for them, but that doesn't sound like its a factor in your plans.
From: Davej on 14 Jan 2010 01:36 On Jan 13, 11:42 am, Doug McIntyre <mer...(a)geeks.org> wrote: > Davej <galt...(a)hotmail.com> writes: > >Well, in that case it looks like it would be easy to pick up something > >like a Netscreen 5GT for around $60 or less. > > Sure, those boxes worked well, they are everywhere, I still have a few > in production. The GUI is okay, a few browsers choke on it. No new > software updates for them, but that doesn't sound like its a factor in > your plans. So, with a unit like that is there anything particularly useful that can be done with the added flexibility? I mean compared to a simple unit like my old Linksys?
From: Doug McIntyre on 15 Jan 2010 18:03
Davej <galt_57(a)hotmail.com> writes: >On Jan 13, 11:42=A0am, Doug McIntyre <mer...(a)geeks.org> wrote: >> Davej <galt...(a)hotmail.com> writes: >> >Well, in that case it looks like it would be easy to pick up something >> >like a Netscreen 5GT for around $60 or less. >> >> Sure, those boxes worked well, they are everywhere, I still have a few >> in production. The GUI is okay, a few browsers choke on it. No new >> software updates for them, but that doesn't sound like its a factor in >> your plans. >So, with a unit like that is there anything particularly useful that >can be done with the added flexibility? I mean compared to a simple >unit like my old Linksys? It depends quite alot on what you want to do. Ie. you have alot more flexibility, but unless you need it, it'll mainly sit there. One thing that I find much nicer with this class would be that protocols like FTP work cleanly without having to do some tricks that is sometimes needed. Doing VOIP calls with SIP and H.323 would work that just isn't going to function well with the Linksys. And of course, it'll be more stable. I'm sure I have one with uptime greater than 18-24 months. |