Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
0
Helpful
1
Replies

PIX connection limit

e-mourad
Level 1
Level 1

‎07-17-2003 11:08 PM - edited ‎02-20-2020 10:51 PM

Hello,

Please, how can i limit the number of connection for a such user in PIX firewall. I know that wen i execute this command : sh local-host 10.1.1.100 detail

the display is like:

local host: <Mohamed_HAMDI>, conn(s)/limit = 2/0, embryonic(s)/limit = 1/0

AAA:

Xlate(s):

TCP PAT from inside:Mohamed_HAMDI/1038 to outside:193.95.116.12/19839 flags

I see that conns/limit = 2/0, show that there is no limit of tcp connection.

so how can i change it?

Thanks

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎07-20-2003 05:40 PM

You'd have to set up a nat/global specifically for this inside user. Let's say they're 10.1.1.100, you'd do the following:

> nat (inside) 5 10.1.1.100 255.255.255.255 20 5

> global (outside) 5 interface

> clear xlate

This will limit this host to a maximum of 20 connections outbound, and 5 half-open connections at any one time.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card