
Analyze Firewall connections w.r.t Orion Network analyzer

Unanswered Question
Jul 23rd, 2012

Dear All,

I need to consider limiting my firewall connections from the outside network.

On average I am receiving 4000 connections / second (witnessed for almost a month on a daily basis)

hostname# sh conn count

3559 in use, 6657 most used

So what will be the preferred value to be configured by the MQC in the firewall?

hostname(config)# class-map CONNS

hostname(config-cmap)# match any

hostname(config-cmap)# policy-map CONNS

hostname(config-pmap)# class CONNS

hostname(config-pmap-c)# set connection conn-max 4000 embryonic-conn-max 12000

hostname(config-pmap-c)# set connection timeout tcp 2:0:0 embryonic 0:40:0 half-closed 0:20:0 dcd

hostname(config-pmap-c)# service-policy CONNS interface outside

Also, I have established Orion Solarwinds Network Performance Monitor (version 10.3) to verify the number of connections.

My queries are as follows:

++ Can I restrict the above values as defined in MQC?

++ Can anyone help me with how to locate the similar connections in the Orion monitor?

Best Regards / Vimal.

Overall Rating: 5 (1 ratings)
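
A sanity check of the proposed limits against the counters quoted in the post above, as an added example that is not part of the original thread. `show conn count` reports concurrent connections, which is the quantity `conn-max` caps. The function names, the 80% headroom threshold and the treatment of 0 as "unlimited" are assumptions of this sketch.

```python
import re

# Constructed sample input: the two lines quoted in the post above.
SHOW_CONN_COUNT = "3559 in use, 6657 most used"
SET_CONNECTION = "set connection conn-max 4000 embryonic-conn-max 12000"


def parse_conn_count(text):
    """Return (in_use, most_used) from 'show conn count' output."""
    m = re.search(r"(\d+)\s+in use,\s*(\d+)\s+most used", text)
    if not m:
        raise ValueError("unrecognised 'show conn count' output")
    return int(m.group(1)), int(m.group(2))


def parse_set_connection(line):
    """Return the numeric limits on a 'set connection' line as a dict."""
    pairs = re.findall(r"\b((?:embryonic-)?conn-max)\s+(\d+)", line)
    return {name: int(value) for name, value in pairs}


def review_limits(conn_count_text, set_connection_line, headroom=0.8):
    """Compare proposed limits with observed counters; return findings."""
    in_use, most_used = parse_conn_count(conn_count_text)
    limits = parse_set_connection(set_connection_line)
    conn_max = limits.get("conn-max", 0)            # 0 treated as unlimited
    emb_max = limits.get("embryonic-conn-max", 0)   # 0 treated as unlimited
    findings = []
    if conn_max and most_used > conn_max:
        # The recorded peak would not have fitted under the proposed cap.
        findings.append(f"conn-max {conn_max} is below the observed peak "
                        f"of {most_used} concurrent connections")
    if conn_max and in_use / conn_max >= headroom:
        # Assumed threshold: warn when current load is near the cap.
        findings.append(f"current load {in_use} is at "
                        f"{in_use / conn_max:.0%} of conn-max {conn_max}")
    if conn_max and emb_max > conn_max:
        # Assumption: embryonic connections count toward the total.
        findings.append(f"embryonic-conn-max {emb_max} exceeds "
                        f"conn-max {conn_max}")
    return findings


if __name__ == "__main__":
    for finding in review_limits(SHOW_CONN_COUNT, SET_CONNECTION):
        print("-", finding)
```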
Amjad Abdullah Mon, 07/23/2012 - 02:36

Hi Vimal,

I think you better move the post to security forums. This sub-forum is about security and management under wireless.

I think you meant to put the post in security forums not in wireless forums.



vimal_raj Mon, 07/23/2012 - 02:49

Thanks for the info Amjad.

I have moved to the respective forum: Security ---> Security Management

Regards/ Vimal.

