Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
730
Views
0
Helpful
2
Replies

Denial of DOS Attack

saquib.tandel
Level 1
Level 1

‎01-14-2011 11:21 PM - edited ‎03-11-2019 12:35 PM

Hello

How to overcome "Denial of DOS Attack" on ASA 5510, any recommendations or best practises

Considering the public ip is not same all the time.

thanks

Saquib

Labels:
0 Helpful
2 Replies 2

jdlampard
Level 1
Level 1

‎01-15-2011 12:03 AM

I'll assume you don't have the CSC-AIP module, no?

Maybe the 'ip audit' and 'threat-detection' commands can help.

0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to jdlampard

‎01-15-2011 07:00 AM

You can limit per-client max and enable per-client-embryonic-conn-max but, the best place to stop this is before it reaches the outside interface.

Engage your ISP.

Here is the link for per-client-max and embryonic-max:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s1.html#wp1424045

-KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card