VPN on PIX or Router?

By Working IT ·
Should I use the PIX or Router to handle the VPN request?

I have a Cisco PIX and a Cisco Router. They are both capable of VPN. Which one I should use? And why?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

I'd go with the PIX

by TBBrick In reply to VPN on PIX or Router?

If you configure the router to manage the VPN, you're still going to have to configure the PIX to allow it. Why not have the configuration hassle on one device rather than two?

Collapse -

It depends on what you need

by djdawson In reply to I'd go with the PIX

The PIX and IOS router are pretty similar in their VPN
support, with the router having the advantage for site-to-
site VPNs. Licensing could be a factor, since the low end
PIXes restrict the number of simultaneous VPN
connections. Also, prior to verison 7.0 the PIX doesn't
allow incoming VPN traffic to be routed directly back out
to the Internet, so if you need that go with the router (or
use split tunneling, but some people have security issues
with that feature). Depending on your router hardware,
the PIX may have a performance advantage. Routers that
don't have encryption hardware only support very low
amounts of VPN traffic (all the ISR routers - the 1800,
2800, and 3800 routers - have basic encryption
hardware; other models require add-on modules of some

If all you need is a couple remote VPN client connections
for selected users, I'd go with the PIX.



Related Discussions

Related Forums