
High session through PIX 515E firewall

thaier1978
Level 1

My ISP is stopping the internet service and says that I have a high session count of 5400+. The normal session count should be around 200. Due to this high count, my site can potentially cause harm to my network and their network. They have deactivated this site to prevent harm.

My PIX config is attached; please check it.

Note: my ISP modem has an IP of 216.147.153.113 /29.

If you have any questions, please contact me by email or messenger using the contacts below. I appreciate your help in advance.

Thank you,

Thaier K. Cassim

Iraq - Baghdad

Cell Phone: +964 7901 762691

Yahoo ID: thaier78@yahoo.com

MSN ID: thaier78@hotmail.com

Email: thaier78@yahoo.com

sachinraja
Level 9

Hi Thaier,

Saw the configs. Why are you opening ip any any and tcp any any from inside to outside? First remove these statements and then see the performance. I am sure most of the unnecessary traffic is going through now because of these statements.

no access-list inside_access_in permit ip any any

no access-list inside_access_in permit tcp any any

See if this solves the problem. Otherwise we have to fine-tune the remaining access-lists. Make sure all ports are open after you remove these 2 lines.

Raj

Dear Raj,

Can I put a limit on the sessions that are going through the opened ports using the PIX 515E firewall?

Or, can I put a limit on each PC?

Thank you,

Thaier

How can I know the required ports for my application if I have one not using the port 80?

Thank you,

Thaier

nataraj_v
Level 1

Dear Thaier,

I feel you should check your PAT table once. Are there any internal systems generating more connections on virus ports? You enabled ip any any, which is not good. Remove them and make sure all the required ports are opened.

Thanks and regards

Nataraj
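
One way to act on the advice above to check the PAT/connection table, as an added example that is not part of the original thread: the script tallies sessions per inside host from saved `show conn` output, so the machine generating the excess sessions and the port it targets stand out. The sample text is constructed in the PIX `show conn` layout, and the `max_sessions` threshold is an illustrative assumption.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the layout of PIX "show conn" output (not from the thread).
SAMPLE = """\
7 in use, 7 most used
TCP out 203.0.113.10:80 in 192.168.1.20:1404 idle 0:00:05 Bytes 11391 flags UIO
TCP out 198.51.100.7:445 in 192.168.1.33:2001 idle 0:00:01 Bytes 0 flags saA
TCP out 198.51.100.8:445 in 192.168.1.33:2002 idle 0:00:01 Bytes 0 flags saA
TCP out 198.51.100.9:445 in 192.168.1.33:2003 idle 0:00:01 Bytes 0 flags saA
TCP out 198.51.100.10:445 in 192.168.1.33:2004 idle 0:00:02 Bytes 0 flags saA
UDP out 203.0.113.53:53 in 192.168.1.20:1050 idle 0:00:10
TCP out 203.0.113.10:443 in 192.168.1.21:1500 idle 0:01:00 Bytes 5220 flags UIO
"""

CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP) out (?P<out_ip>[\d.]+):(?P<out_port>\d+) "
    r"in (?P<in_ip>[\d.]+):(?P<in_port>\d+) idle \S+"
    r"(?: Bytes (?P<bytes>\d+))?(?: flags (?P<flags>\S+))?"
)

def summarize(text):
    """Return {inside_ip: {"sessions", "peers", "ports", "embryonic"}}."""
    hosts = defaultdict(lambda: {"sessions": 0, "peers": set(),
                                 "ports": Counter(), "embryonic": 0})
    for line in text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue  # skip the "N in use" header and anything unparsed
        h = hosts[m["in_ip"]]
        h["sessions"] += 1
        h["peers"].add(m["out_ip"])
        h["ports"][(m["proto"], int(m["out_port"]))] += 1
        # No "U" (up) flag on a TCP entry means the handshake never completed.
        if m["proto"] == "TCP" and "U" not in (m["flags"] or ""):
            h["embryonic"] += 1
    return dict(hosts)

def noisy_hosts(text, max_sessions=3):
    """Inside hosts whose session count exceeds max_sessions, busiest first."""
    stats = summarize(text)
    over = [(ip, s) for ip, s in stats.items() if s["sessions"] > max_sessions]
    return sorted(over, key=lambda kv: kv[1]["sessions"], reverse=True)

if __name__ == "__main__":
    for ip, s in noisy_hosts(SAMPLE):
        port, hits = s["ports"].most_common(1)[0]
        print(f"{ip}: {s['sessions']} sessions to {len(s['peers'])} peers, "
              f"top port {port} x{hits}, {s['embryonic']} half-open")
```

A host with many half-open TCP sessions to many different peers on a single port is the pattern to investigate first on that machine.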
