Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
836
Views
0
Helpful
1
Replies

Rate-limit per source IP in ACE

Reuven Elkabetz
Level 1
Level 1

‎01-29-2012 07:51 AM

Hello All,

I have a question regarding ACE A2(3.4) features. Is it possible to set a rate-limit connections per sec from any source IP. For example, if a client is trying to GET a web page 10 time per sec I will send a reset or drop that connection.

Thanks,

Reuven

Labels:
0 Helpful
1 Reply 1

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎01-30-2012 07:19 AM

Hi Reuven,

I'm afraid this is not possible. With the ACE, you can only limit the connection rate on a server, but without taking the client Ip into account. The purpose of this feature is to avoid overloading a server, not preventing attacks.

You should check with your account team for alternatives. I'm not an expert on it, but I believe you should be able to achieve what you need with an IDS module.

Regards

Daniel

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card