07-09-2009 11:24 PM - edited 03-11-2019 08:53 AM
Hi,
I am trying to limit the number of TCP connections to a server to 5000, for example, but when I set this with a policy map on the ASA, it works until the connections are more than 5000; then the drops start, which is normal, but what is not normal is that the already established 5000 connections begin to drop on the server until there is no one connected.
Should I set only the embryonic limit, without the connection limit, to protect the server and let it handle only 5000 simultaneous connections?
Thank you
07-10-2009 06:18 AM
In your static NAT command (assuming you have one), set the max number of connections to the host.
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1414075
07-10-2009 06:50 AM
BTW, you can also set the embryonic limit with that command.
07-11-2009 12:16 AM
Thank you for your response, but with this method or with the one I was using, when the limit is reached, the server is losing its already connected sessions quickly. Shouldn't the limit keep new sessions from happening but keep the already established ones?