Can ASA do Denial of Service Tuning like IOS Firewall ?

Unanswered Question
Apr 27th, 2008
User Badges:

refer to my error i need to adjust the open half value on ASA but i only see the command in router only

ip inspect tcp max-incomplete host value (default 50) [block-time minutes(default 0)]


does anyone know is it possible to tuning DoS on ASA?

Thanks in Advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dominic.caron Mon, 04/28/2008 - 07:10
User Badges:
  • Silver, 250 points or more

You will find this in your Nat(or static) configuration

You can add the TCP keyword and specify tcp max_conns and emb_lim(half open)

rate helpful post


This Discussion