Page 1
CHA PTER
5
PIX 520
This chapter guides you through the installation of the PIX 520, and includes the following sections:
• PIX 520 Product Overview, page 5-1
• Installing the PIX 520, page 5-4
• PIX 520 Feature Licenses, page 5-6
• Installing Failover, page 5-7
• Installing LAN-Based Failover, page 5-8
• Removing and Replacing the PIX 520 Chassis Cover, page 5-10
• Replacing a Lithium Battery, page 5-12
• Installing a Memory Upgrade, page 5-12
• Installing a Circuit Board in the PIX 520, page 5-15
• Installing the PIX 520 DC Model, page 5-21
PIX 520 Product Overview
This section describes the PIX 520 front and rear panels and the panel LEDs.
Figure 5-1 shows the front view of the PIX 520.
Figure 5-1 PIX 520 Front Panel
PIX Firewall
RESE
T
78-15170-02
SERIES
67852
Cisco PIX Security Appliance Hardware Installation Guide
5-1
Page 2
PIX 520 Product Overview
Note Use of the four-port Ethernet circuit board changes the position of the outside and inside interfaces
Chapter 5 PIX 520
Figure 5-2 shows the rear view of the PIX 520.
Figure 5-2 PIX 520 Rear Panel
Auto-Range Selection
L:90-135V H:180-270V
R
ESET
PIX Firewall
SERIES
67853
depending on the slot in which the circuit board is installed. Four-port Ethernet connectors are numbered
from the top connector down sequentially. On horizontally mounted cards, the slots are numbered left to
right.
The PIX 520 can be used with Ethernet circuit boards.
The four-port Ethernet circuit board provides four 10/100 Ethernet connections and has autosense
capability. Connectors on the four-port Ethernet circuit board are numbered top to bottom sequentially;
however, the actual device number depends on the slot in which the four-port Ethernet circuit board is
installed.
Table 5-1 describes how the top connector is numbered.
Table 5-1 Numbering Devices with a Four-Port Connector
Four-Port Top
Slot 0 Contains Slot 1 Contains Slot 2 Contains
Connector
4-port Any Any ethernet0
Ethernet 4-port Any ethernet1
Ethernet Ethernet 4-port ethernet2
Token Ring 4-port Any ethernet0
Token Ring Token Ring 4-port ethernet0
Token Ring Ethernet 4-port ethernet1
Ethernet Token Ring 4-port ethernet1
With the four-port Ethernet circuit board, having a circuit board in slot 3 makes the number of interfaces
greater than six; while the circuit board in slot 3 cannot be accessed, its presence does not cause
problems with the PIX security appliance.
Cisco PIX Security Appliance Hardware Installation Guide
5-2
78-15170-02
Page 3
Chapter 5 PIX 520
PIX 520 Product Overview
Figure 5-3 shows the location of the interfaces if you install a four-port Ethernet circuit board in slot 0.
Figure 5-3 Four-Port Ethernet Circuit Board Installed in Slot 0
Interface 0
Interface 1
Interface 2
Interface 3
44306
Interface 5
Interface 4
Figure 5-4 shows how the slots are numbered if a single-port Ethernet circuit board is inserted in
slot 0, and a four-port Ethernet circuit board is inserted in slot 1.
Figure 5-4 Single-Port Ethernet Circuit Board Installed in Slot 0 and Four-Port Ethernet Circuit Board
Installed in Slot 1
Interface 1
Interface 2
Interface 3
Interface 4
44307
Interface 0
Figure 5-5 shows how the slots are numbered if single-port Ethernet circuit boards are installed in slot 0
and in slot 1, and a four-port Ethernet circuit board is inserted in slot 2.
Figure 5-5 Single-Port Ethernet Circuit Board Installed in Slot 0 and 1 and Four-Port Ethernet Circuit
Board Installed in Slot 2
Interface 2
Interface 3
Interface 4
Interface 5
44308
Interface 0
Interface 1
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-3
Page 4
Installing the PIX 520
Installing the PIX 520
To install the PIX 520, perform the following steps:
Step 1 Refer to Figure 5-6 for information on the features of the PIX 520.
Figure 5-6 PIX 520 Front, Rear, and Side Panels.
Front Rear
RE
S
E
T
PIX Firewall
SERIES
Power connector
Power switch
Chapter 5 PIX 520
Selection
ge
an
uto-R
A
V
70
-2
:180
V H
-135
L:90
AC
Reset
button
Powe r
light
Diskette
compartment
1
To access,
loosen screws
counterclockwise
3
Insert PIX
security appliance
diskette
Slots for
network
interfaces
Failover
connector
2
Set plate
on surface
4
To remove
diskette,
push button
Console
connector
+–
DC power connector
Fan duct
rackmount slide rails
(must be purchased
Rackmount
holes
Power switch
–
+
Left side
Holes to connect
separately from
outside vendor)
DC
Ground lugs
Holes to connect
rackmount brackets
(if rackmounting
is desired)
Step 2
Connect network cables to each of the PIX security appliance network interfaces. On the PIX 520,
connect the cables at the front of the unit.
Cisco PIX Security Appliance Hardware Installation Guide
5-4
10656
Right side
78-15170-02
Page 5
Chapter 5 PIX 520
Installing the PIX 520
If you are not installing a four-port Ethernet circuit board, add the cables as shown in Figure 5-7.
Figure 5-7 Up to Four Single-Port Interfaces in the PIX Security Appliance
44305
Interface 3
Interface 2
Interface 1
Interface 0
Installing Interface Cables to the PIX 520
To install interface cables to the PIX 520, perform the following steps:
Step 1 Locate the serial cable. The serial cable assembly consists of a null modem cable with RJ-45 connectors,
two separate DB-9 connectors, and a separate DB-25 connector as shown in Figure 5-8.
Step 2 Install the serial cable between the PIX security appliance and your console computer.
Figure 5-8 PIX Security Appliance Serial Cable Assembly
PIX security appliance
console connector
DB-9-to-DB-25
serial cable
(null-modem)
C
O
N
S
O
L
E
Console
port (DB-9)
Computer serial port
DB-25 or DB-9
12275
Step 3
Connect one of the DB-9 serial connectors to the console connector on the front panel of the PIX security
appliance.
Step 4 Connect one end of the RJ-45 null modem cable to the DB-9 connector.
Step 5 If you are installing an AC voltage PIX security appliance, connect the power cord to the power
connector on the rear panel of the PIX security appliance, and to a power outlet.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-5
Page 6
PIX 520 Feature Licenses
Step 6 The following options are available:
Chapter 5 PIX 520
If you are installing a DC voltage PIX security appliance, refer to the “Installing the PIX 520 DC Model”
section on page 5-21.
a. If you have a second PIX security appliance to use as a failover unit, install the failover feature and
cable as described in the “Installing Failover” section on page 5-7.
Note Do not power on the failover units until the primary unit is configured.
• If needed, install the PIX security appliance syslog server as described in the logging command page
in the command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html
b. If you need to install an optional circuit board such as a single-port Ethernet board, or the four-port
Ethernet board, refer to the “Installing a Circuit Board in the PIX 520” section on page 5-15 for
more information.
c. If you need to install additional memory, refer to the “Installing a Memory Upgrade” section on
page 5-12.
If you are ready to start configuring the PIX security appliance, power on the unit. Refer to the
configuration guide online at:
http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/config.html
Always check the release notes first before configuring the PIX security appliance for the latest release
details. You can find the latest versions of release notes online at:
http://preview.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_notes_list.html
PIX 520 Feature Licenses
If you have a PIX 520-UR unrestricted feature license, the following options are available:
• If you have a second PIX 520 to use as a failover unit, install the failover feature and cable as
described in the “Installing Failover” section on page 5-7.
• If needed, install the PIX security appliance syslog server as described in the logging command in
the command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html
• Refer to the “Installing LAN-Based Failover” section on page 5-8 for information about how to
remove and replace the chassis cover if you need to install optional circuit boards.
Note It is very important to remove the chassis cover before installing circuit boards in the PIX 520. Even
though it appears possible to add or remove circuit boards from the back panel, removing the chassis
cover greatly simplifies the process.
• If you need to install additional memory, refer to the “Installing a Memory Upgrade” section on
page 5-12.
Cisco PIX Security Appliance Hardware Installation Guide
5-6
78-15170-02
Page 7
Chapter 5 PIX 520
Installing Failover
To install a failover connection, perform the following steps:
Note This section only applies to PIX security appliance units with a “UR” (unrestricted) license.
Step 1 Power off both the primary and secondary units.
Note Both PIX security appliances must be the same model number, have at least as much RAM, have
the same Flash memory size, and be running the same software version.
Step 2 Locate the Failover cable (shown in Figure 5-9). This cable is shipped separately from the PIX security
appliance. The cable is labeled Primary on one end and Secondary on the other. Install the cable for the
PIX 520 as shown in Figure 5-9.
Figure 5-9 PIX 520 Failover Cable Connection
Installing Failover
F
A
I
L
O
V
E
R
Y
R
A
M
I
R
P
Primary end
F
A
I
L
O
V
E
R
Y
R
A
D
N
O
C
E
S
12395
Secondary end
Step 3
Connect the Primary end of the Failover cable to the first PIX security appliance unit, that is, the one
you have already configured.
Step 4 Connect the Secondary end of the Failover cable to the standby unit.
Step 5 Connect a power cord to the power connector on the rear panel of each unit, and the other end of each
power cord to (preferably separate) power outlets.
Step 6 If you are using Stateful Failover, use one of the following types of connections, that is appropriate for
your system, between the dedicated interfaces on the PIX security appliance units:
• 100BaseTX half-duplex hub using straight Category 5 cables.
• 100BaseTX full duplex on a dedicated switch or dedicated VLAN of a switch.
• All enabled interfaces must be connected between the active and standby units. Only configure the
active unit. On the PIX 520, you can access the console and determine which unit is active with the
show failover command in the command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-7
Page 8
Installing LAN-Based Failover
Caution Do not turn the power on until the units are connected and the primary unit is configured completely.
Step 7 Use the power switch at the back of the units to power the primary unit on and then power on the standby
unit.
Within a few seconds, the active unit automatically downloads its configuration to the standby unit.
If the primary unit fails, the secondary unit automatically becomes active.
Installing LAN-Based Failover
LAN-based failover supports failover between two units connected over a dedicated Ethernet interface.
LAN-based failover eliminates the need for a special Failover cable and overcomes the distance
limitations imposed by the Failover cable.
For information on configuring a LAN-based failover, refer to the configuration guide online at:
http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/config.html
Chapter 5 PIX 520
Note Both chassis must be the same model number, have the same amount of RAM, Flash memory, number
and type of interfaces, and be running the same software version.
To set up a LAN-based failover connection, perform the following steps:
Step 1 Disconnect both the PIX security appliances, so that there is no traffic flow between them. If the Failover
cable is connected to the PIX security appliance, disconnect it.
Step 2 Configure the PIX security appliances for LAN-based failover. Refer to the chapter on configuring
LAN-based failover in the configuration guide online at:
http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/config.html
Step 3 Power off both units.
Step 4 Connect the LAN failover interfaces to the dedicated switch/hub, as shown in Figure 5-10.
Note A dedicated LAN interface and a dedicated switch (or VLAN) is required to implement
LAN-based failover. You cannot use a crossover Ethernet cable to connect the two PIX security
appliances.
Cisco PIX Security Appliance Hardware Installation Guide
5-8
78-15170-02
Page 9
Chapter 5 PIX 520
Installing LAN-Based Failover
Figure 5-10 LAN- Based Failover Connections
Step 5
PIX Firewall
RESET
SERIE
S
Dedicated Ethernet
interface
PIX 520
PIX Firewall
RESET
SERIES
Dedicated Ethernet
interface
PIX 520
87366
Hub/switch
If you are using Stateful Failover, use one of the following types of connections, that is appropriate for
your system, between the dedicated interfaces on the PIX security appliances:
• 100BaseTX full duplex on a dedicated switch or dedicated VLAN of a switch.
• 1000BaseSX full duplex on a dedicated switch or dedicated VLAN of a switch.
Note For Stateful Failover on the PIX 520, if you have Gigabit Ethernet (GE) interfaces,
then the failover link must be GE.
Caution Do not turn the power on until the units are connected and the primary unit is configured completely.
Step 6 Power the primary unit on first, then power on the secondary unit. Within a few seconds, the active unit
automatically downloads its configuration to the standby unit.
If the primary unit fails, the secondary unit automatically becomes active.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-9
Page 10
Removing and Replacing the PIX 520 Chassis Cover
Removing and Replacing the PIX 520 Chassis Cover
This section describes how to remove and replace the chassis cover from the PIX 520. This section
includes the following topics:
• Removing the Chassis Cover, page 5-10
• Replacing the Chassis Cover, page 5-11
Removing the Chassis Cover
To remove the chassis cover, perform the following steps:
Note Removing the PIX security appliance case does not affect your Cisco warranty. Upgrading the
PIX security appliance does not require any special tools and does not create any radio frequency leaks.
Step 1 Read the Regulatory Compliance and Safety Information document.
Chapter 5 PIX 520
Step 2 Ensure that the PIX security appliance is powered off. Unplug the power cord from the power outlet.
Once the upgrade is complete, you can safely reconnect the power cord.
Warning
Step 3 Remove the three screws holding the chassis cover in place, as shown in Figure 5-11.
Before working on a system that has an On/Off switch, turn OFF the power and unplug the power cord.
Figure 5-11 Removing the Chassis Cover Screws
Top panel screws (3)
10370
PIX Firewall
RESET
SERIES
Cisco PIX Security Appliance Hardware Installation Guide
5-10
78-15170-02
Page 11
Chapter 5 PIX 520
Step 4 Remove the chassis cover as shown in Figure 5-12.
Figure 5-12 Removing the Chassis Cover
1 in.
PIX Firewall
R
E
S
ET
SERIES
Removing and Replacing the PIX 520 Chassis Cover
Pull lid 1 in. (50 mm)
back and then lift up
10371
Replacing the Chassis Cover
Caution Do not operate PIX security appliance units without the chassis cover installed. The chassis cover
protects the internal components, prevents electrical shorts, and provides proper air-flow for cooling the
electronic components.
To replace the chassis cover, perform the following steps:
Step 1 Replace the chassis cover, as shown in Figure 5-13.
Step 2 Secure the three screws.
Step 3 Reinstall all interface cables.
Figure 5-13 Replacing the Chassis Cover
10380
PIX Firewall
RE
SE
T
78-15170-02
SERIES
Cisco PIX Security Appliance Hardware Installation Guide
5-11
Page 12
Replacing a Lithium Battery
Replacing a Lithium Battery
The PIX security appliance has a lithium battery on its main circuit board. This battery has an operating
life of about ten years. When the battery loses its charge, the PIX security appliance cannot function.
The lithium battery is not a field-replacable unit (FRU). Contact Cisco TAC to replace the battery.
Note Do not attempt to replace this battery yourself.
Chapter 5 PIX 520
Warning
Danger of explosion exists if the lithium battery is incorrectly replaced. Replace only with the same
or equivalent type recommended by the manufacturer. Dispose of used batteries according to the
manufacturer's instructions.
Installing a Memory Upgrade
Observe the following warnings, cautions, and notes when installing additional PIX security appliance
system memory.
The following statement applies to DC models:
Warning
Warning
Before performing any of the following procedures, ensure that power is removed from the DC circuit.
To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC
circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit
breaker in the OFF position.
The following statement applies to both AC and DC models:
Before working on a system that has an On/Off switch, turn OFF the power and unplug the power cord.
Caution Always remove old memory before installing new memory.
Note After installing additional memory in the PIX 520, do not remove the memory strips and power on the
unit, or the PIX security appliance will become inoperable.
Caution If you remove the PIX security appliance chassis chassis cover, always reinstall the chassis cover. Running
the PIX security appliance without the chassis cover causes overheating and damage to electrical components.
Cisco PIX Security Appliance Hardware Installation Guide
5-12
78-15170-02
Page 13
Chapter 5 PIX 520
Memory Installation Steps
To install additional system memory, perform the following steps:
Step 1 If the unit is rack-mounted, remove network wires and any cords connecting to the PIX security
appliance. The PIX 520 should be removed from the rack and placed on a stable working surface. Ensure
that the unit is unplugged from its power source.
Step 2 Unpack the items in the memory upgrade kit.
Remove the chassis cover from the PIX security appliance. Remove all screws holding the assembly in
place. Refer to the “Removing and Replacing the PIX 520 Chassis Cover” section on page 5-10 for more
information.
Step 3 Determine the location of your system memory sockets (see Figure 5-14).
Step 4 Use the markings on the motherboard to determine the socket numbers. Always install the first memory
strip into the lowest socket number. Progressively add memory boards into higher numbered sockets.
Figure 5-14 PIX 520 System Memory Location
Installing a Memory Upgrade
Bank 0
Bank 1
Bank 2
17996
Front
Step 5 Locate the wrist grounding strap in the accessory kit and connect one end to the unit as shown in
Figure 5-17, or to the PIX security appliance chassis, and securely attach the other to your wrist so it
contacts your bare skin.
Step 6 With the wrist strap on your wrist, carefully grasp the memory strip from either end. Note that a DIMM
strip has notches.
Step 7 To install a DIMM strip:
• Remove the old memory strip by opening the two plastic wing connectors, and pulling the old strip
up. Discard the old strip.
• When installing the memory strip in the PIX 520, install the new strip in Bank 0 as shown in
Figure 5-15 and Figure 5-16, by opening the two plastic wing connectors, inserting the strip, and
closing the wing connectors.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-13
Page 14
Installing a Memory Upgrade
Figure 5-15 Inserting a DIMM Memory Strip in the PIX 520
Bank 2
Bank 1
Chapter 5 PIX 520
DIMM
17997
Bank 0
Figure 5-16 Securing a DIMM Memory Strip in the PIX 520
17998
Bank 2
Bank 1
Bank 0
• When you finish inserting new RAM memory, replace the chassis cover on the chassis. Reattach the
screws. If desired, rack mount the PIX security appliance and attach all cables and cords as
discussed in previous sections. After the PIX security appliance is installed, you can view the
amount of RAM memory in the system startup messages or with the show version command in the
command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html.
Cisco PIX Security Appliance Hardware Installation Guide
5-14
78-15170-02
Page 15
Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520
The information in this section refers to the installation of a circuit board in the PIX 520.
The 4-port 64 bit/66 MHz FE card (PIX-4FE-66) is supported in software Versions 6.3, 6.2(2), 6.1(4),
and 5.2(9), and later versions. These are the minimum software versions that support the card.
Note The PIX-4FE card continues to be supported but is no longer manufactured.
The new card has the following characteristics:
• Includes an Intel 21154BE bridge and 4 Intel 82559 ethernet mac/phy devices.
• Supports 10/100mbps full/half-duplex operation on each port.
• Retains bus performance when installed with other 66 MHz devices.
• Does not support auto MDI/MDIX operation.
This section includes the following topics:
• 16 MB Flash Circuit Board, page 5-18
• VPN Accelerator Circuit Board, page 5-19
• Gigabit Ethernet Circuit Board, page 5-20
Installing a Circuit Board in the PIX 520
• Installing the PIX 520 DC Model, page 5-21
To install a circuit board in the PIX 520, perform the following steps:
Step 1 Locate the grounding strap from the accessory kit. Fasten the grounding strap to your wrist so that it
contacts your bare skin. Attach the other end to bare metal inside the PIX security appliance chassis as
shown in Figure 5-17.
Figure 5-17 Attaching Grounding Strap to Your Wrist and to the PIX Security Appliance
Copper foil
18352
LNK
LNK
LNK
ACT
100
TX
DATA
W
E
R
PIX Firewall
SERIES
RESET
P
O
LNK
ACT
ACT
ACT
100
100
100
TX
TX
TX
E
E
E
T
H
E
R
N
E
T
0
E
T
T
T
H
H
DATA
H
E
DATA
E
DATA
E
R
R
R
N
N
N
E
E
E
T
T
T
0
0
0
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-15
Page 16
Installing a Circuit Board in the PIX 520
Step 2 Insert the new circuit board, as shown in Figure 5-18, and secure it using the screw provided with the
circuit board.
Figure 5-18 Installing the New Circuit Board
Chapter 5 PIX 520
12273
Step 3
Figure 5-19 displays how the circuit boards are numbered according to their position. If you have
Version 4.4 and a four-port Ethernet circuit board, refer to the “PIX 520 Product Overview” section on
page 5-1.
Note When adding a network interface or encryption circuit board, install the new circuit board in the
first empty slot to the right of the existing network interface circuit board.
Figure 5-19 PIX Security Appliance Network Circuit Boards
44305
Interface 3
Interface 2
Interface 1
Interface 0
Cisco PIX Security Appliance Hardware Installation Guide
5-16
78-15170-02
Page 17
Chapter 5 PIX 520
Step 4 If you are installing a 4-port circuit board, note that the circuit board will overlap the slot connector on
Installing a Circuit Board in the PIX 520
the motherboard. This does not affect the use or operation of the circuit board. See Figure 5-20.
Figure 5-20 4-Port Circuit Board Overlap
Overlap
27884
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-17
Page 18
Installing a Circuit Board in the PIX 520
16 MB Flash Circuit Board
Along with upgrading your Flash memory to 16 MB, the PIX security appliance 16 MB Flash circuit
board includes pre-installed PIX security appliance software and a UR (unrestricted) 56-bit DES
encryption license. The 16 MB Flash circuit board installs into the PIX security appliance ISA slot.
An illustration of the 16 MB Flash circuit board is shown in Figure 5-21.
Figure 5-21 PIX Security Appliance 16 MB Flash Circuit Board
Chapter 5 PIX 520
5-18
33011
Use the following information to install a 16 MB Flash circuit board:
• The PIX security appliance must have a minimum of 32 MB of RAM memory.
• You must obtain a new activation key if you will be using 3DES.
• The PIX security appliance should not be downgraded to a software revision lower than 5.0(3) after
the new software from the 16 MB circuit board is installed.
• If you downgrade from software Version 5.3 to 5.2 or lower, you will lose private data (keys,
certifications, and CRLs) that are stored in Flash memory. You need to use the clear flashfs
command, downgrade 5.0 | 5.1 | 5.2 options if your PIX security appliance has 16 MB Flash
memory, private data stored in the Flash memory, and you used the ca save all command to save
these items in Flash memory.
Cisco PIX Security Appliance Hardware Installation Guide
78-15170-02
Page 19
Chapter 5 PIX 520
Step 1 Record the present PIX security appliance unit serial number.
Step 2 Record the new serial number from the 16 MB Flash circuit board.
Step 3 Create a backup of your present configuration (to use later to reconfigure your system).
Step 4 Obtain a new Activation key (if using 3DES).
Step 5 Remove any previously installed Flash memory circuit boards from the unit.
Caution Do not remove or reposition the 16 MB Flash circuit board. The PIX security appliance will not work if
Step 6 Install the 16 MB Flash circuit board into an available ISA slot in the PIX security appliance chassis.
Installing a Circuit Board in the PIX 520
To install the 16 MB Flash circuit board, perform the following steps:
Note After installation, the serial number of the PIX security appliance changes to the serial number
supplied with the 16 MB Flash circuit board.
this jumper is moved.
VPN Accelerator Circuit Board
The VPN Accelerator (PIX-VPN-ACCEL) is an encryption and accelerator circuit board. The VPN
Accelerator uses a PCI interface and therefore can only be installed in PIX security appliance platforms
with PCI slots. The VPN Accelerator begins to function immediately after installation without the need
of special installation configurations.
Note The new VPN Accelerator cannot be used with the former PIX security appliance IPSec accelerator in
the same chassis. The PIX security appliance IPSec accelerator was also known as the Private Link card.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-19
Page 20
Installing a Circuit Board in the PIX 520
An illustration of the VPN Accelerator is shown in Figure 5-22.
Figure 5-22 VPN Accelerator Circuit Board
Chapter 5 PIX 520
61921
Gigabit Ethernet Circuit Board
PIX security appliance supports 1000 Mbps (Gigabit) Ethernet. The Gigabit Ethernet circuit board uses
only has one hardware speed and the following duplex options:
• 1000SXfull—Forces full-duplex operation
• 1000BaseSX—Forces half-duplex operation
• 1000auto—Auto negotiates full or half duplex
Cisco PIX Security Appliance Hardware Installation Guide
5-20
78-15170-02
Page 21
Chapter 5 PIX 520
Installing the PIX 520 DC Model
The Gigabit Ethernet circuit board and the fiber optic cable connection are shown in Figure 5-23.
Figure 5-23 Gigabit Ethernet Circuit Board
33010
TX
RX
LINK
The Gigabit Ethernet circuit board has three LEDs:
• TX—Transmitting data
• RX—Receiving data
• LINK—The Gigabit Ethernet circuit board has established a network connection
Installing the PIX 520 DC Model
Warning
Step 1 Read the Regulatory Compliance and Safety Information document.
Step 2 Terminate the DC input wiring on a DC source capable of supplying at least 15 amps. A 15-amp circuit
Step 3 Be sure the PIX 520 power is off by checking the power switch at the rear of the unit.
Before performing any of the following procedures, ensure that power is removed from the DC circuit.
To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC
circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit
breaker in the OFF position.
To install the PIX 520 DC power model, perform the following steps:
breaker is required at the 48 VDC facility power source. An easily accessible disconnect device should
be incorporated into the facility wiring.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-21
Page 22
Installing the PIX 520 DC Model
Step 4 As shown in Figure 5-24, the PIX 520 is equipped with two grounding studs at the back of the unit,
which you can use to connect a two-hole grounding lug to the PIX 520. Use the 10-32 nuts provided with
the PIX 520 to connect a copper standard barrel grounding lug to the studs. The PIX 520 requires a lug
where the distance between the center of each hole is 0.56 inches. A lug is not supplied with the PIX 520.
Figure 5-24 Attaching a Grounding Lug to the PIX Security Appliance
PIX security appliance
Rear of
Chapter 5 PIX 520
–
+
11827
To ra c k
ground
10-32 nuts
2-hole copper
standard barrel
grounding lug
Grounding studs
on PIX DC model
Step 5 Ensure that power is removed from the DC circuit. To ensure that all power is OFF, locate the circuit
breaker on the panel board that services the DC circuit, switch the circuit breaker to the OFF position,
and tape the switch handle of the circuit breaker in the OFF position.
Step 6 Strip the ends of the wires for insertion into the power connect lugs on the PIX 520.
Step 7 Insert the ground wire into the connector for the earth ground and tighten the screw on the connector (see
Figure 5-25). Using the same method as for the ground wire, connect the negative wire and then the
positive wire.
Figure 5-25 Attaching DC Power Cables
–
+
Cisco PIX Security Appliance Hardware Installation Guide
5-22
11779
78-15170-02
Page 23
Chapter 5 PIX 520
Step 8 Reconnect power to the PIX 520. After wiring the DC power supply, remove the tape from the circuit
Step 9 Insert the PIX 520 system diskette in the drive at the front of the unit.
Step 10 If needed, install the interface boards as described in the “Installing a Circuit Board in the PIX 520”
Step 11 Power on the unit from the switch at the rear of the unit.
Note If you need to power cycle the DC PIX security appliance, wait at least five seconds between powering
Installing the PIX 520 DC Model
breaker switch handle and reinstate power by moving the handle of the circuit breaker to the ON position.
section on page 5-15.
off the unit and powering it back on.
78-15170-02
Cisco PIX Security Appliance Hardware Installation Guide
5-23
Page 24
Installing the PIX 520 DC Model
Chapter 5 PIX 520
Cisco PIX Security Appliance Hardware Installation Guide
5-24
78-15170-02
Loading...