https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350264#M559550 <HTML><HEAD></HEAD><BODY><P>How can I know the required ports for my application if I have one not using the port 80?</P><P></P><P>Thank you,</P><P>Thaier</P></BODY></HTML> Tue, 01 Feb 2005 15:08:07 GMT thaier1978 2005-02-01T15:08:07Z https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350260#M559531 <P>My ISP is stopping the internet service and says that I have a high session count of 5400+.. The normal session counts should be around 200. Due to this high count, my site can potentially cause harm to my network and thier network. they have deactivated this site to prevent harm. </P><P></P><P>MY PIX config is attached, please check it.</P><P></P><P>note: my ISP modem have IP of 216.147.153.113 /29 </P><P></P><P>if you have any questions please contact me through Email or messenger in below contacts , I appreciate your help in advance.</P><P></P><P>thank you,</P><P></P><P>Thaier K. Cassim</P><P>Iraq - Baghdad</P><P>Cell Phone: +964 7901 762691</P><P>yahoo ID: &lt;A HREF="mailto:thaier78@yahoo.com"&gt;thaier78@yahoo.com&lt;/A&gt;</P><P>MSN ID: &lt;A HREF="mailto:thaier78@hotmail.com"&gt;thaier78@hotmail.com&lt;/A&gt;</P><P>Email: &lt;A HREF="mailto:thaier78@yahoo.com"&gt;thaier78@yahoo.com&lt;/A&gt;</P><P></P><P></P><P></P><P></P> Fri, 21 Feb 2020 07:54:11 GMT https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350260#M559531 thaier1978 2020-02-21T07:54:11Z https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350261#M559533 <HTML><HEAD></HEAD><BODY><P>Hi thaier,</P><P></P><P>saw the configs.. why are you opening ip any any and tcp any any from inside to outside.. first remove these statements and then see the performance.. am sure most of the unnecessary traffic are going through now because of these statements....</P><P></P><P>no access-list inside_access_in permit ip any any</P><P>no access-list inside_access_in permit tcp any any</P><P></P><P>see if this solves the problem.otherwise we have to finetune the remaining access-lists.. make sure all ports are open after you remove these 2 lines...</P><P></P><P>Raj</P></BODY></HTML> Sat, 29 Jan 2005 13:57:30 GMT https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350261#M559533 sachinraja 2005-01-29T13:57:30Z https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350262#M559539 <HTML><HEAD></HEAD><BODY><P>Dear Thaier , </P><P></P><P>I feel , check ur PAT table once. is there any internal systems generating more connections on virus ports . u enabled ip any any which is not good.remove them and make sure all the required ports opened or not.</P><P></P><P>Thanks and regards</P><P>Nataraj</P></BODY></HTML> Sat, 29 Jan 2005 18:27:29 GMT https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350262#M559539 nataraj_v 2005-01-29T18:27:29Z https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350263#M559546 <HTML><HEAD></HEAD><BODY><P>Dear Raj, </P><P>Can I put limitation for the sessions that are going through the openned ports using the PIX 515E firewall?</P><P>Or, can I put limitation for each PC?</P><P></P><P>Thank you,</P><P>Thaier</P></BODY></HTML> Tue, 01 Feb 2005 15:01:09 GMT https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350263#M559546 thaier1978 2005-02-01T15:01:09Z https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350264#M559550 <HTML><HEAD></HEAD><BODY><P>How can I know the required ports for my application if I have one not using the port 80?</P><P></P><P>Thank you,</P><P>Thaier</P></BODY></HTML> Tue, 01 Feb 2005 15:08:07 GMT https://community.cisco.com/t5/network-security/high-session-through-pix-515e-firewall/m-p/350264#M559550 thaier1978 2005-02-01T15:08:07Z