Hi,I would like to limit scanning and syn flooding on ASA. I am thinking I can restrict any outside host to only be able to initiate maximum 500 tcp connections total to inside host at a given time it would help prevent syn flood and port scan attack...
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,562) -
Cisco Bugs
(37) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(145) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(21) -
Cisco Secure Firewall Management Center (FMC)
(99) -
Cisco Secure Firewall Threat Defense (FTD)
(127) -
Cisco Security Cloud Control
(6) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(260) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(29) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,574) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(91) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,569) -
NGIPS
(1,873) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,775) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(8) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(637) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Hi,I have configured threat-detection on ASA and it does not seem to be doing shun to IP addresses that are doing scanning or syn flooding. I have the following config. Any suggestions why this may not be working? I have excluded my internal public ...
I'm trying to set a NAT rule to allow traffic from ports 20000-21000 to a server on the Inside. When I apply the changes in ASDM I receive this warning: [WARNING] nat (Inside,Outside) after-auto 1 source static [host object] interface service PAS...
Hi All, I have got an new ASA 5505 and trying to config with ASDM, following all the procedure in the startup guide, but still cannot connect to ASDM, the firefox showing "ssl_error_no_cypher_overlap", and the CLI config show below, please help: cisc...
Hello,I was wondering if there was a way to have two syslog hosts configured on a cisco asa and have diff. severity of logs go to one host.. and another severity of logs to the other host.any info would be helpful.Thanks.
I have an unused 5525-X , what is the best version to use? The download page seems to recommend either 9.1.6 or 9.2.3. Is there a reason to not go with the latest, 9.4.1? Thanks.
Hi,I have a setup whereby I have a pair of ASA setup for Active-Standby. As I understand that ASA connection to cross switch stack is not supported. I would like to check if may be supported on connection to the same switch on a stack switch. Example...
Said release notes are missing from the download page.Anyone know where to find them?ThanksMarki
Cisco asa5512 with:Cisco Adaptive Security Appliance Software Version 9.4(1)Device Manager Version 7.4(2) We can access the gui but the asdm process on the Mac spikes and the application hangs.i have attached screenshots of the steps before the gui h...
Hi, I am trying to block a Web page, I have followed this guide. http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100513-ASARegexp.htmlBut unfortunately that blocks (almost) all web pages. What I mean wit...
Hi,i'm new here and i'm peased to join your community.I've an issue on a pair of PIX 5525 8.0(3)12 in Failover Active/Standby Config.If i do a show failover state mi output is the following: State Last Fa...
Hi All,I am newbie on ASA configuration. The network topology should be below Internet -- (Outside) ASA 5520 (Inside) -- Router -- MPLS Connection In my case, there is a solarwind server at MPLS connection side and responsible to collecting syslog of...
Hi,I want to forward Security Intelligence Events to Syslog server, is it possible to do from Virtual Defense Center.I also wanted to forward system logs to Syslog server but it seems you cant forward it to syslog server and how to access Sourcefire ...
Dears,I have ASA 5540 which was working absolutely perfect all of the sudden it went power off , i disconnected from the network and i saw any physical failures but i couldn't found anything and i kept it ON under observation for 12 hrs out of the n...
We have an ASA 5515 running ver 9.1(2). (Actually 2 of them in an HA Active/Passive cluster)The ssl cert installed on our ASA that we currently use for SSL VPN is SHA1. This cert is due to expire soon, so we are looking to renew it before it expires....
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 11-13-2025 12:52 PM | ||
| 11-03-2025 09:48 AM | ||
| 10-30-2025 12:44 PM | ||
| 10-23-2025 07:14 AM | ||
| 10-20-2025 12:53 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 |
