Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
3
Replies

protecting a server with ASA

josephium
Level 1
Level 1

‎07-09-2009 11:24 PM - edited ‎03-11-2019 08:53 AM

Hi,

i am trying to limit the number of tcp connections to a server to 5000 for example, but when i am setting this with a policy map on the ASA , it is working until the connections are more than 5000, then the drop starts wich is normal, but what is not normal that the already 5000 established connections begin to drop on the server till there is no one connected.

should i set only the embryonic limit without the connection limit to protect the server and let it handle only 5000 simultaneous connections ?

thank you

Labels:
0 Helpful
3 Replies 3

srue
Level 7
Level 7

‎07-10-2009 06:18 AM

in your static nat command (assuming you have one), set the max number of connections to the host.

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1414075

0 Helpful

srue
Level 7
Level 7
In response to srue

‎07-10-2009 06:50 AM

btw, you can also set the embryonic limit with that command.

0 Helpful

josephium
Level 1
Level 1
In response to srue

‎07-11-2009 12:16 AM

thank you for your response, but with this method or with the one i was using , when the limit is reached , the server is loosing his already connected sessions quickly, shouldnt the limit keep new sessions from happening but keep the already established ??

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card