abinjola Thu, 03/13/2008 - 08:11
User Badges:
  • Cisco Employee,

Active-host Limitations:


A host is considered active when any of the following statements are true:

. The host has passed traffic through the PIX Firewall during the time configured for the

xlate timeout interval

. The host has an established NAT/PAT translation through the PIX Firewall

. The host has an established TCP connection or UDP session through the PIX Firewall

. The host has an established user authentication through the PIX Firewall

*****


Let me just re-quote from this link:



http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/specs

.html#wp1150495


" In routed mode, hosts on the inside (Business and Home VLANs) count towards the limit

only when they communicate with the outside (Internet VLAN). Internet hosts are not

counted towards the limit. Hosts that initiate traffic between Business and Home are also

not counted towards the limit. The interface associated with the default route is

considered to be the Internet interface. If there is no default route, hosts on all

interfaces are counted toward the limit. In transparent mode, the interface with the

lowest number of hosts is counted towards the host limit. See the show local-host command

to view the host limits."

rasoftware Thu, 03/13/2008 - 08:19
User Badges:

Many thanks. Is there a command to see how many are in use? I've made a bit of a boob and ordered a load of 10 users ASAs.

Correct Answer
abinjola Thu, 03/13/2008 - 08:24
User Badges:
  • Cisco Employee,

show local-host

Actions

This Discussion