Solved: Shun limits

enterprisesoc · ‎06-06-2014

Is there a limit to the number of shuns configured on an interface of a Cisco ASA 5550 with 8.4.3?

johnlloyd_13 · ‎06-06-2014

hi,

it's not a limit to the ASA's interface per se. only a single shun entry can exist for any one source host at any time.

if you shun a single connection and the host launches an attack from a different source port, the shun would have no effect on that subsequent attack.

you cannot add multiple shun entries for the same host.

View solution in original post

Marius Gunnerud · ‎06-06-2014

I don't believe there is a limit as to how many shun entries you can configure, with the exception that you can only have a single shun entry for a given source address. But you may be limited by the CPU performance of your ASA depending on how much traffic is being dropped. So that being said I would try to keep the amount of shunned IPs to a minimum.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

johnlloyd_13 · ‎06-06-2014

hi,

it's not a limit to the ASA's interface per se. only a single shun entry can exist for any one source host at any time.

if you shun a single connection and the host launches an attack from a different source port, the shun would have no effect on that subsequent attack.

you cannot add multiple shun entries for the same host.