Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
New Member

what is Idle embryonic-conn-max NAT limit ?

can somebody please tell me this single command is enough for Nat limit what value should i set for conn max and embryonic conn max.

set connection conn-max 600 embryonic-conn-max 50
Everyone's tags (1)
4 REPLIES
Cisco Employee

Hi Akbar,

Hi Akbar,

This command would be used to limit the connections on the ASA for the TCP/UDP traffic:

set connection conn-max 600 embryonic-conn-max 50

where the conn-max 600 argument sets the maximum number of simultaneous TCP and/or UDP connections that are allowed, between 0 and 65535. The default is 0, which allows unlimited connections.

More info is enabled on this link:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/conns_connlimits.html

Regards,

Aditya

Please rate helpful posts and mark correct answers.

New Member

Thank you Aditya but i want

Thank you Aditya but i want to know the idle value for limiting max connection,  600 and 50 is enough for limit connection or i have to increase it ?

Cisco Employee

Hi Akbar,

Hi Akbar,

It depends on the number of connections in your network.

You need to check what is suited best to your network.

You need to remember that this number would decide the connections through the box.

So if you put in the number as x, that means any x+1 connection would be dropped even if it's a legitimate traffic.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

New Member

suppose if i have 50

suppose if i have 50 client what will be the value 

78
Views
0
Helpful
4
Replies
CreatePlease to create content