Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
472
Views
0
Helpful
3
Replies

Context virtual Firewall limit-resource

jlucero2424
Level 1
Level 1

ā€Ž12-05-2013 06:55 PM - edited ā€Ž03-11-2019 08:13 PM

Hi Guys,

Hope you all are doing ok, I have a question about configuring class for limit-resource on the context for virtual FW, I just want to understand how this limit-resource works, for example the command "limit-resource conns", does it mean per current connection would be the value? and what would be the best practice for allocating resource on configuring logical firewalls.

Thanks in advance.

Champ.

Labels:
0 Helpful
3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

ā€Ž12-05-2013 07:46 PM

Hello Jaspher,

Basically you will be splitting the amount of resources that the firewall has as a whole unit into different Virtual Firewalls.

When we talk about conns we talk about the maximum amount of connections through a specific context

The best practice would be to monitor you network and after that determine how much traffic each context will use so you can set it as accurate as possible bud.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

jlucero2424
Level 1
Level 1
In response to Julio Carvajal

ā€Ž12-05-2013 09:24 PM

hi Jcarvaja,

Thanks for a prompt reply. So in that case I'll monitor first traffic connections before configuring  the the limit-resource.

thanks,

champ.

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to jlucero2424

ā€Ž12-05-2013 09:33 PM

Hello Jaspher,

Exactly bud,

Remember that you can take into consideration amount of logs, Conns, Xlates, management sessions, inspections.

And starting on 9.0 VPN usage

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card