topic hi,it's not a limit to the in Network Security

Shun limits

enterprisesoc — Tue, 12 Mar 2019 04:18:09 GMT

Is there a limit to the number of shuns configured on an interface of a Cisco ASA 5550 with 8.4.3?

I don't believe there is a

Marius Gunnerud — Fri, 06 Jun 2014 11:52:49 GMT

I don't believe there is a limit as to how many shun entries you can configure, with the exception that you can only have a single shun entry for a given source address. But you may be limited by the CPU performance of your ASA depending on how much traffic is being dropped. So that being said I would try to keep the amount of shunned IPs to a minimum.

Please remember to select a correct answer and rate helpful posts

hi,it's not a limit to the

johnlloyd_13 — Sat, 07 Jun 2014 03:26:01 GMT

hi,

it's not a limit to the ASA's interface per se. only a single shun entry can exist for any one source host at any time.

if you shun a single connection and the host launches an attack from a different source port, the shun would have no effect on that subsequent attack.

you cannot add multiple shun entries for the same host.