C H A P T E R 5

PIX 520

This chapter guides you through the installation of the PIX 520, and includes the following sections:
• PIX 520 Product Overview, page 5-1
• Installing the PIX 520, page 5-4
• PIX 520 Feature Licenses, page 5-6
• Installing Failover, page 5-7
• Installing LAN-Based Failover, page 5-8
• Removing and Replacing the PIX 520 Chassis Cover, page 5-10
• Replacing a Lithium Battery, page 5-12
• Installing a Memory Upgrade, page 5-12
• Installing a Circuit Board in the PIX 520, page 5-15
• Installing the PIX 520 DC Model, page 5-21

Note The PIX 520 is not supported in software Version 7.0(1).

PIX 520 Product Overview

This section describes the PIX 520 front and rear panels and the panel LEDs.
Figure 5-1 shows the front view of the PIX 520.

Figure 5-1 PIX 520 Front Panel

67852

RESET PIX Fire wall SERIES

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-1
 Chapter 5 PIX 520
PIX 520 Product Overview

Figure 5-2 shows the rear view of the PIX 520.

Figure 5-2 PIX 520 Rear Panel

67853
Auto-Range Selection
L:90-135V H:180-270V

RESET PIX Fire wall SERIES

Note Use of the four-port Ethernet circuit board changes the position of the outside and inside interfaces
depending on the slot in which the circuit board is installed. Four-port Ethernet connectors are numbered
from the top connector down sequentially. On horizontally mounted cards, the slots are numbered left to
right.

The PIX 520 can be used with Ethernet circuit boards.

The four-port Ethernet circuit board provides four 10/100 Ethernet connections and has autosense
capability. Connectors on the four-port Ethernet circuit board are numbered top to bottom sequentially;
however, the actual device number depends on the slot in which the four-port Ethernet circuit board is
installed.
Table 5-1 describes how the top connector is numbered.

Table 5-1 Numbering Devices with a Four-Port Connector

Four-Port Top
Slot 0 Contains Slot 1 Contains Slot 2 Contains Connector
4-port Any Any ethernet0
Ethernet 4-port Any ethernet1
Ethernet Ethernet 4-port ethernet2
Token Ring 4-port Any ethernet0
Token Ring Token Ring 4-port ethernet0
Token Ring Ethernet 4-port ethernet1
Ethernet Token Ring 4-port ethernet1

With the four-port Ethernet circuit board, having a circuit board in slot 3 makes the number of interfaces
greater than six; while the circuit board in slot 3 cannot be accessed, its presence does not cause
problems with the PIX security appliance.

Cisco PIX Security Appliance Hardware Installation Guide

5-2 78-15170-03
Chapter 5 PIX 520
PIX 520 Product Overview

Figure 5-3 shows the location of the interfaces if you install a four-port Ethernet circuit board in slot 0.

Figure 5-3 Four-Port Ethernet Circuit Board Installed in Slot 0

Interface 0
Interface 1
Interface 2
Interface 3

44306
Interface 5
Interface 4

Figure 5-4 shows how the slots are numbered if a single-port Ethernet circuit board is inserted in
slot 0, and a four-port Ethernet circuit board is inserted in slot 1.

Figure 5-4 Single-Port Ethernet Circuit Board Installed in Slot 0 and Four-Port Ethernet Circuit Board
Installed in Slot 1

Interface 1
Interface 2
Interface 3
Interface 4
44307

Interface 0

Figure 5-5 shows how the slots are numbered if single-port Ethernet circuit boards are installed in slot 0
and in slot 1, and a four-port Ethernet circuit board is inserted in slot 2.

Figure 5-5 Single-Port Ethernet Circuit Board Installed in Slot 0 and 1 and Four-Port Ethernet Circuit
Board Installed in Slot 2

Interface 2
Interface 3
Interface 4
Interface 5
44308

Interface 0
Interface 1

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-3
 Chapter 5 PIX 520
Installing the PIX 520

Installing the PIX 520

To install the PIX 520, perform the following steps:

Step 1 Refer to Figure 5-6 for information on the features of the PIX 520.

Figure 5-6 PIX 520 Front, Rear, and Side Panels

Front Rear
Power connector Auto-Range Selection
L:90-135V H:180-270V

Power switch AC
RESET
PIX Firewall SERIES

Power Power switch

light Slots for Failover
Reset network connector – +
button Diskette interfaces Console – +
DC
compartment connector

DC power connector Ground lugs

Fan duct

1 To access, 2 Set plate Left side

loosen screws on surface
counterclockwise

Holes to connect
rackmount slide rails
(must be purchased
separately from
3 Insert PIX 4 To remove outside vendor)
security appliance diskette, Holes to connect
diskette push button rackmount brackets
Rackmount (if rackmounting
holes is desired)
10656

Right side

Step 2 Connect network cables to each of the PIX security appliance network interfaces. On the PIX 520,
connect the cables at the front of the unit.

Cisco PIX Security Appliance Hardware Installation Guide

5-4 78-15170-03
 Chapter 5 PIX 520
Installing the PIX 520

If you are not installing a four-port Ethernet circuit board, add the cables as shown in Figure 5-7.

Figure 5-7 Up to Four Single-Port Interfaces in the PIX Security Appliance

44305
Interface 3
Interface 2
Interface 1
Interface 0

Installing Interface Cables to the PIX 520

To install interface cables to the PIX 520, perform the following steps:

Step 1 Locate the serial cable. The serial cable assembly consists of a null modem cable with RJ-45 connectors,
two separate DB-9 connectors, and a separate DB-25 connector as shown in Figure 5-8.
Step 2 Install the serial cable between the PIX security appliance and your console computer.

Figure 5-8 PIX Security Appliance Serial Cable Assembly

PIX security appliance C

O
console connector N
S
O
L
E

Console
port (DB-9) Computer serial port
DB-25 or DB-9

DB-9-to-DB-25
serial cable
12275

(null-modem)

Step 3 Connect one of the DB-9 serial connectors to the console connector on the front panel of the PIX security
appliance.
Step 4 Connect one end of the RJ-45 null modem cable to the DB-9 connector.
Step 5 If you are installing an AC voltage PIX security appliance, connect the power cord to the power
connector on the rear panel of the PIX security appliance, and to a power outlet.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-5
 Chapter 5 PIX 520
PIX 520 Feature Licenses

If you are installing a DC voltage PIX security appliance, refer to the “Installing the PIX 520 DC Model”
section on page 5-21.
Step 6 The following options are available:
a. If you have a second PIX security appliance to use as a failover unit, install the failover feature and
cable as described in the “Installing Failover” section on page 5-7.

Note Do not power on the failover units until the primary unit is configured.

• If needed, install the PIX security appliance syslog server as described in the logging command page
in the command reference online at:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html
b. If you need to install an optional circuit board such as a single-port Ethernet board, or the four-port
Ethernet board, refer to the “Installing a Circuit Board in the PIX 520” section on page 5-15 for
more information.
c. If you need to install additional memory, refer to the “Installing a Memory Upgrade” section on
page 5-12.
If you are ready to start configuring the PIX security appliance, power on the unit. Refer to the
configuration guide online at:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/conf_gd.html

Always check the release notes first before configuring the PIX security appliance for the latest release
details. You can find the latest versions of release notes online at:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_notes_list.html

PIX 520 Feature Licenses

If you have a PIX 520-UR unrestricted feature license, the following options are available:
• If you have a second PIX 520 to use as a failover unit, install the failover feature and cable as
described in the “Installing Failover” section on page 5-7.
• If needed, install the PIX security appliance syslog server as described in the logging command in
the command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html
• Refer to the “Installing LAN-Based Failover” section on page 5-8 for information about how to
remove and replace the chassis cover if you need to install optional circuit boards.

Note It is very important to remove the chassis cover before installing circuit boards in the PIX 520. Even
though it appears possible to add or remove circuit boards from the back panel, removing the chassis
cover greatly simplifies the process.

• If you need to install additional memory, refer to the “Installing a Memory Upgrade” section on
page 5-12.

Cisco PIX Security Appliance Hardware Installation Guide

5-6 78-15170-03
 Chapter 5 PIX 520
Installing Failover

Installing Failover
To install a failover connection, perform the following steps:

Note This section only applies to PIX security appliance units with a “UR” (unrestricted) license.

Step 1 Power off both the primary and secondary units.

Note Both PIX security appliances must be the same model number, have at least as much RAM, have
the same Flash memory size, and be running the same software version.

Step 2 Locate the Failover cable (shown in Figure 5-9). This cable is shipped separately from the PIX security
appliance. The cable is labeled Primary on one end and Secondary on the other. Install the cable for the
PIX 520 as shown in Figure 5-9.

Figure 5-9 PIX 520 Failover Cable Connection

F
A
I
L
O
V
E
R

Y
AR
IM
PR

Primary end
F
A
I
L
O
V
E
R
12395

DARY
SECON

Secondary end

Step 3 Connect the Primary end of the Failover cable to the first PIX security appliance unit, that is, the one
you have already configured.
Step 4 Connect the Secondary end of the Failover cable to the standby unit.
Step 5 Connect a power cord to the power connector on the rear panel of each unit, and the other end of each
power cord to (preferably separate) power outlets.
Step 6 If you are using Stateful Failover, use one of the following types of connections, that is appropriate for
your system, between the dedicated interfaces on the PIX security appliance units:
• Category 5 crossover cable directly connecting the primary unit to the secondary unit.
• 100BaseTX half-duplex hub using straight Category 5 cables.
• 100BaseTX full duplex on a dedicated switch or dedicated VLAN of a switch.
• All enabled interfaces must be connected between the active and standby units. Only configure the
active unit. On the PIX 520, you can access the console and determine which unit is active with the
show failover command in the command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-7
 Chapter 5 PIX 520
Installing LAN-Based Failover

Caution Do not turn the power on until the units are connected and the primary unit is configured completely.

Step 7 Use the power switch at the back of the units to power the primary unit on and then power on the standby
unit.
Within a few seconds, the active unit automatically downloads its configuration to the standby unit.
If the primary unit fails, the secondary unit automatically becomes active.

Installing LAN-Based Failover

LAN-based failover supports failover between two units connected over a dedicated Ethernet interface.
LAN-based failover eliminates the need for a special Failover cable and overcomes the distance
limitations imposed by the Failover cable.
For information on configuring a LAN-based failover, refer to the configuration guide online at:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/conf_gd.html

Note Both chassis must be the same model number, have the same amount of RAM, Flash memory, number
and type of interfaces, and be running the same software version.

To set up a LAN-based failover connection, perform the following steps:

Step 1 Disconnect both the PIX security appliances, so that there is no traffic flow between them. If the Failover
cable is connected to the PIX security appliance, disconnect it.
Step 2 Configure the PIX security appliances for LAN-based failover. Refer to the chapter on configuring
LAN-based failover in the configuration guide online at:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/conf_gd.html
Step 3 Power off both units.
Step 4 Connect the LAN failover interfaces to the dedicated switch/hub, as shown in Figure 5-10.

Note A dedicated LAN interface and a dedicated switch (or VLAN) is required to implement
LAN-based failover. You cannot use a crossover Ethernet cable to connect the two PIX security
appliances.

Cisco PIX Security Appliance Hardware Installation Guide

5-8 78-15170-03
Chapter 5 PIX 520
Installing LAN-Based Failover

Figure 5-10 LAN-Based Failover Connections

PIX 520
PIX 520

87366
RESET PIX Firewa ll SERIES

RESET PIX Firewa ll SERIES

Dedicated Ethernet
interface Dedicated Ethernet
interface

Hub/switch

Step 5 If you are using Stateful Failover, use one of the following types of connections, that is appropriate for
your system, between the dedicated interfaces on the PIX security appliances:
• Category 5 crossover cable directly connecting the primary unit to the secondary unit.
• 100BaseTX full duplex on a dedicated switch or dedicated VLAN of a switch.
• 1000BaseTX full duplex on a dedicated switch or dedicated VLAN of a switch.

Note For Stateful Failover on the PIX 520, if you have Gigabit Ethernet (GE) interfaces,
then the failover link must be GE.

Caution Do not turn the power on until the units are connected and the primary unit is configured completely.

Step 6 Power the primary unit on first, then power on the secondary unit. Within a few seconds, the active unit
automatically downloads its configuration to the standby unit.
If the primary unit fails, the secondary unit automatically becomes active.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-9
 Chapter 5 PIX 520
Removing and Replacing the PIX 520 Chassis Cover

Removing and Replacing the PIX 520 Chassis Cover

This section describes how to remove and replace the chassis cover from the PIX 520. This section
includes the following topics:
• Removing the Chassis Cover, page 5-10
• Replacing the Chassis Cover, page 5-11

Removing the Chassis Cover

To remove the chassis cover, perform the following steps:

Note Removing the PIX security appliance case does not affect your Cisco warranty. Upgrading the
PIX security appliance does not require any special tools and does not create any radio frequency leaks.

Step 1 Read the Regulatory Compliance and Safety Information document.

Step 2 Ensure that the PIX security appliance is powered off. Unplug the power cord from the power outlet.
Once the upgrade is complete, you can safely reconnect the power cord.

Warning Before working on a system that has an On/Off switch, turn OFF the power and unplug the power cord.

Step 3 Remove the three screws holding the chassis cover in place, as shown in Figure 5-11.

Figure 5-11 Removing the Chassis Cover Screws

Top panel screws (3)

10370

RESET PIX Fire wall SERIES

Cisco PIX Security Appliance Hardware Installation Guide

5-10 78-15170-03
 Chapter 5 PIX 520
Removing and Replacing the PIX 520 Chassis Cover

Step 4 Remove the chassis cover as shown in Figure 5-12.

Figure 5-12 Removing the Chassis Cover

Pull lid 1 in. (50 mm)

back and then lift up

1 in.

10371
RESET PIX Fire wall SERIES

Replacing the Chassis Cover

Caution Do not operate PIX security appliance units without the chassis cover installed. The chassis cover
protects the internal components, prevents electrical shorts, and provides proper air-flow for cooling the
electronic components.

To replace the chassis cover, perform the following steps:

Step 1 Replace the chassis cover, as shown in Figure 5-13.

Step 2 Secure the three screws.
Step 3 Reinstall all interface cables.

Figure 5-13 Replacing the Chassis Cover

10380

RESET PIX Fire wall SERIES

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-11
 Chapter 5 PIX 520
Replacing a Lithium Battery

Replacing a Lithium Battery

The PIX security appliance has a lithium battery on its main circuit board. This battery has an operating
life of about ten years. When the battery loses its charge, the PIX security appliance cannot function.
The lithium battery is not a field-replacable unit (FRU). Contact Cisco TAC to replace the battery.

Note Do not attempt to replace this battery yourself.

Warning Danger of explosion exists if the lithium battery is incorrectly replaced. Replace only with the same
or equivalent type recommended by the manufacturer. Dispose of used batteries according to the
manufacturer's instructions.

Installing a Memory Upgrade

Observe the following warnings, cautions, and notes when installing additional PIX security appliance
system memory.
The following statement applies to DC models:

Warning Before performing any of the following procedures, ensure that power is removed from the DC circuit.
To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC
circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit
breaker in the OFF position.

The following statement applies to both AC and DC models:

Warning Before working on a system that has an On/Off switch, turn OFF the power and unplug the power cord.

Caution Always remove old memory before installing new memory.

Note After installing additional memory in the PIX 520, do not remove the memory strips and power on the
unit, or the PIX security appliance will become inoperable.

Caution If you remove the PIX security appliance chassis chassis cover, always reinstall the chassis cover. Running
the PIX security appliance without the chassis cover causes overheating and damage to electrical components.

Cisco PIX Security Appliance Hardware Installation Guide

5-12 78-15170-03
 Chapter 5 PIX 520
Installing a Memory Upgrade

Memory Installation Steps

To install additional system memory, perform the following steps:

Step 1 If the unit is rack-mounted, remove network wires and any cords connecting to the PIX security
appliance. The PIX 520 should be removed from the rack and placed on a stable working surface. Ensure
that the unit is unplugged from its power source.
Step 2 Unpack the items in the memory upgrade kit.
Remove the chassis cover from the PIX security appliance. Remove all screws holding the assembly in
place. Refer to the “Removing and Replacing the PIX 520 Chassis Cover” section on page 5-10 for more
information.
Step 3 Determine the location of your system memory sockets (see Figure 5-14).
Step 4 Use the markings on the motherboard to determine the socket numbers. Always install the first memory
strip into the lowest socket number. Progressively add memory boards into higher numbered sockets.

Figure 5-14 PIX 520 System Memory Location

Bank 0
Bank 1
Bank 2

17996

Front

Step 5 Locate the wrist grounding strap in the accessory kit and connect one end to the unit as shown in
Figure 5-17, or to the PIX security appliance chassis, and securely attach the other to your wrist so it
contacts your bare skin.
Step 6 With the wrist strap on your wrist, carefully grasp the memory strip from either end. Note that a DIMM
strip has notches.

Step 7 To install a DIMM strip:

• Remove the old memory strip by opening the two plastic wing connectors, and pulling the old strip
up. Discard the old strip.
• When installing the memory strip in the PIX 520, install the new strip in Bank 0 as shown in
Figure 5-15 and Figure 5-16, by opening the two plastic wing connectors, inserting the strip, and
closing the wing connectors.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-13
 Chapter 5 PIX 520
Installing a Memory Upgrade

Figure 5-15 Inserting a DIMM Memory Strip in the PIX 520

DIMM

17997
an k 2
an

an 1
B

B k

0
B

Figure 5-16 Securing a DIMM Memory Strip in the PIX 520

17998
2
k
an

an k 1
B
an

0
B

k
B

• When you finish inserting new RAM memory, replace the chassis cover on the chassis. Reattach the
screws. If desired, rack mount the PIX security appliance and attach all cables and cords as
discussed in previous sections. After the PIX security appliance is installed, you can view the
amount of RAM memory in the system startup messages or with the show version command in the
command reference online at:
http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html.

Cisco PIX Security Appliance Hardware Installation Guide

5-14 78-15170-03
 Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520

Installing a Circuit Board in the PIX 520

The information in this section refers to the installation of a circuit board in the PIX 520.
The 4-port 64 bit/66 MHz FE card (PIX-4FE-66) is supported in software Versions 6.3, 6.2(2), 6.1(4),
and 5.2(9), and later versions. These are the minimum software versions that support the card.

Note The PIX-4FE card continues to be supported but is no longer manufactured.

The new card has the following characteristics:

• Includes an Intel 21154BE bridge and 4 Intel 82559 Ethernet MAC/PHY devices.
• Supports 10/100mbps full/half-duplex operation on each port.
• Retains bus performance when installed with other 66 MHz devices.
• Does not support auto MDI/MDIX operation.
This section includes the following topics:
• 16 MB Flash Circuit Board, page 5-18
• VPN Accelerator Circuit Board, page 5-19
• Gigabit Ethernet Circuit Board, page 5-20
• Installing the PIX 520 DC Model, page 5-21
To install a circuit board in the PIX 520, perform the following steps:

Step 1 Locate the grounding strap from the accessory kit. Fasten the grounding strap to your wrist so that it
contacts your bare skin. Attach the other end to bare metal inside the PIX security appliance chassis as
shown in Figure 5-17.

Figure 5-17 Attaching Grounding Strap to Your Wrist and to the PIX Security Appliance

Copper foil

18352

LNK LNK LNK LNK

ACT ACT ACT ACT
100 100 100 100
TX TX TX TX

E E
T E E
T T
H H T
DATA E DATA H H
R
E DATA E DATA
R E
N R R
N N
E E N
T E E
T T T
0 0 0 0

RESET POWER PIX FirewallSERIES

Step 2 Insert the new circuit board, as shown in Figure 5-18, and secure it using the screw provided with the
circuit board.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-15
 Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520

Figure 5-18 Installing the New Circuit Board

12273

Step 3 Figure 5-19 displays how the circuit boards are numbered according to their position. If you have
Version 4.4 and a four-port Ethernet circuit board, refer to the “PIX 520 Product Overview” section on
page 5-1.

Note When adding a network interface or encryption circuit board, install the new circuit board in the
first empty slot to the right of the existing network interface circuit board.

Figure 5-19 PIX Security Appliance Network Circuit Boards

44305

Interface 3
Interface 2
Interface 1
Interface 0

Cisco PIX Security Appliance Hardware Installation Guide

5-16 78-15170-03
Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520

Step 4 If you are installing a 4-port circuit board, note that the circuit board will overlap the slot connector on
the motherboard. This does not affect the use or operation of the circuit board. See Figure 5-20.

Figure 5-20 4-Port Circuit Board Overlap

Overlap

27884

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-17
 Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520

16 MB Flash Circuit Board

Along with upgrading your Flash memory to 16 MB, the PIX security appliance 16 MB Flash circuit
board includes pre-installed PIX security appliance software and a UR (unrestricted) 56-bit DES
encryption license. The 16 MB Flash circuit board installs into the PIX security appliance ISA slot.
An illustration of the 16 MB Flash circuit board is shown in Figure 5-21.

Figure 5-21 PIX Security Appliance 16 MB Flash Circuit Board

33011

Use the following information to install a 16 MB Flash circuit board:

• The PIX security appliance must have a minimum of 32 MB of RAM memory.
• You must obtain a new activation key if you will be using 3DES.
• The PIX security appliance should not be downgraded to a software revision lower than 5.0(3) after
the new software from the 16 MB circuit board is installed.
• If you downgrade from software Version 5.3 to 5.2 or lower, you will lose private data (keys,
certifications, and CRLs) that are stored in Flash memory. You need to use the clear flashfs
command, downgrade 5.0 | 5.1 | 5.2 options if your PIX security appliance has 16 MB Flash
memory, private data stored in the Flash memory, and you used the ca save all command to save
these items in Flash memory.

Cisco PIX Security Appliance Hardware Installation Guide

5-18 78-15170-03
 Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520

To install the 16 MB Flash circuit board, perform the following steps:

Step 1 Record the present PIX security appliance unit serial number.
Step 2 Record the new serial number from the 16 MB Flash circuit board.

Note After installation, the serial number of the PIX security appliance changes to the serial number
supplied with the 16 MB Flash circuit board.

Step 3 Create a backup of your present configuration (to use later to reconfigure your system).
Step 4 Obtain a new Activation key (if using 3DES).
Step 5 Remove any previously installed Flash memory circuit boards from the unit.

Caution Do not remove or reposition the 16 MB Flash circuit board. The PIX security appliance will not work if
this jumper is moved.

Step 6 Install the 16 MB Flash circuit board into an available ISA slot in the PIX security appliance chassis.

VPN Accelerator Circuit Board

The VPN Accelerator (PIX-VPN-ACCEL) is an encryption and accelerator circuit board. The VPN
Accelerator uses a PCI interface and therefore can only be installed in PIX security appliance platforms
with PCI slots. The VPN Accelerator begins to function immediately after installation without the need
of special installation configurations.

Note The new VPN Accelerator cannot be used with the former PIX security appliance IPSec accelerator in
the same chassis. The PIX security appliance IPSec accelerator was also known as the Private Link card.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-19
 Chapter 5 PIX 520
Installing a Circuit Board in the PIX 520

An illustration of the VPN Accelerator is shown in Figure 5-22.

Figure 5-22 VPN Accelerator Circuit Board

61921
Gigabit Ethernet Circuit Board
PIX security appliance supports 1000 Mbps (Gigabit) Ethernet. The Gigabit Ethernet circuit board uses
only has one hardware speed and the following duplex options:
• 1000SXfull—Forces full-duplex operation
• 1000BaseSX—Forces half-duplex operation
• 1000auto—Auto negotiates full or half duplex

Cisco PIX Security Appliance Hardware Installation Guide

5-20 78-15170-03
 Chapter 5 PIX 520
Installing the PIX 520 DC Model

The Gigabit Ethernet circuit board and the fiber optic cable connection are shown in Figure 5-23.

Figure 5-23 Gigabit Ethernet Circuit Board

33010
TX

RX

LINK

The Gigabit Ethernet circuit board has three LEDs:

• TX—Transmitting data
• RX—Receiving data
• LINK—The Gigabit Ethernet circuit board has established a network connection

Installing the PIX 520 DC Model

Warning Before performing any of the following procedures, ensure that power is removed from the DC circuit.
To ensure that all power is OFF, locate the circuit breaker on the panel board that services the DC
circuit, switch the circuit breaker to the OFF position, and tape the switch handle of the circuit
breaker in the OFF position.

To install the PIX 520 DC power model, perform the following steps:

Step 1 Read the Regulatory Compliance and Safety Information document.

Step 2 Terminate the DC input wiring on a DC source capable of supplying at least 15 amps. A 15-amp circuit
breaker is required at the 48 VDC facility power source. An easily accessible disconnect device should
be incorporated into the facility wiring.
Step 3 Be sure the PIX 520 power is off by checking the power switch at the rear of the unit.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-21
 Chapter 5 PIX 520
Installing the PIX 520 DC Model

Step 4 As shown in Figure 5-24, the PIX 520 is equipped with two grounding studs at the back of the unit,
which you can use to connect a two-hole grounding lug to the PIX 520. Use the 10-32 nuts provided with
the PIX 520 to connect a copper standard barrel grounding lug to the studs. The PIX 520 requires a lug
where the distance between the center of each hole is 0.56 inches. A lug is not supplied with the PIX 520.

Figure 5-24 Attaching a Grounding Lug to the PIX Security Appliance

Rear of
PIX security appliance

– +

11827
To rack 10-32 nuts Grounding studs
ground on PIX DC model
2-hole copper
standard barrel
grounding lug

Step 5 Ensure that power is removed from the DC circuit. To ensure that all power is OFF, locate the circuit
breaker on the panel board that services the DC circuit, switch the circuit breaker to the OFF position,
and tape the switch handle of the circuit breaker in the OFF position.
Step 6 Strip the ends of the wires for insertion into the power connect lugs on the PIX 520.
Step 7 Insert the ground wire into the connector for the earth ground and tighten the screw on the connector (see
Figure 5-25). Using the same method as for the ground wire, connect the negative wire and then the
positive wire.

Figure 5-25 Attaching DC Power Cables

– +
11779

Cisco PIX Security Appliance Hardware Installation Guide

5-22 78-15170-03
Chapter 5 PIX 520
Installing the PIX 520 DC Model

Step 8 Reconnect power to the PIX 520. After wiring the DC power supply, remove the tape from the circuit
breaker switch handle and reinstate power by moving the handle of the circuit breaker to the ON position.
Step 9 Insert the PIX 520 system diskette in the drive at the front of the unit.
Step 10 If needed, install the interface boards as described in the “Installing a Circuit Board in the PIX 520”
section on page 5-15.
Step 11 Power on the unit from the switch at the rear of the unit.

Note If you need to power cycle the DC PIX security appliance, wait at least five seconds between powering
off the unit and powering it back on.

Cisco PIX Security Appliance Hardware Installation Guide

78-15170-03 5-23
 Chapter 5 PIX 520
Installing the PIX 520 DC Model

Cisco PIX Security Appliance Hardware Installation Guide

5-24 78-15170-03