Connection limiting on ASA

Unanswered Question
May 11th, 2009

I have ASA 5510. I am letting my outside customers on FTP on my server (port range 49152 65535)

Is it possible to limit the number of connections from one particular source address (My customer).



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
John Blakley Mon, 05/11/2009 - 08:19


You should be able to lock your customer down in your ftp server. I don't believe you're going to be able to do this in the ASA.



raimj@yahoo.com_2 Mon, 05/11/2009 - 09:27

I was looking at config guide. Don't you think this will do the trick..

ASA(config-pmap-c)# set connection {[conn-max n] [embryonic-conn-max n] [per-client-embryonic-max n]

John Blakley Mon, 05/11/2009 - 09:35

I looked at that option, and it's really hard to say if that's outbound or inbound, or if it can be either. I've never used that option. It's a possibility that you could create an acl, match that acl in a class map, apply the class map to a policy map, and then set the connection limit that would only affect the host that you're wanting to affect.




This Discussion