
Is there some limit on the configuration in the ASA?

edisonguerrero
Level 1

Hi community,


My question is whether there is a limit on configuring some features on the ASA 5520 firewall, beyond the features of the license (which are well known, such as VLANs, failover or VPNs).


So, for example, is there a limit on creating access rules, NAT rules, object groups, etc.?


I think the limitation would be determined by the bytes free on the flash or disk, but I'm not sure.

Thanks for your help.

2 Replies

Maykol Rojas
Cisco Employee

Hi 

Nope, but it will hit the memory at some point. All the config is loaded into RAM, so if it is a busy box with a lot of config on it, you will start seeing performance issues, most likely high memory.

You won't hit a limit for a config, but you will start seeing it impact the performance.

Mike

Shivapramod M
Level 1
Level 1

Hi,

The limit on access rules depends on the memory (RAM). If you have more than a certain number of access list elements, you may face performance issues such as high memory.

Each ASA device has a recommended access list element count. Each access list element uses a minimum of 212 bytes of RAM.

You can run "show access-list | inc elements" to see the number of access list elements.

For example:

ASA 5510: 80k
ASA 5520: 200k
ASA 5515-X: 100k
ASA 5525-X: 250k
ASA 5585-60: supports 2M

Thanks,
Shivapramod M
Please remember to select a correct answer and rate helpful posts
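
An added example, not part of either reply: a Python sketch that totals the element counts from saved "show access-list | inc elements" output and compares them with the per-model figures and the 212-byte minimum quoted above. The function names, the 80% warning threshold, the assumed output line format and the sample output are assumptions constructed for illustration.

```python
import re

# Recommended access list element counts per model, as quoted in the reply above.
RECOMMENDED_ACES = {
    "5510": 80_000,
    "5520": 200_000,
    "5515-X": 100_000,
    "5525-X": 250_000,
    "5585-60": 2_000_000,
}
MIN_BYTES_PER_ACE = 212  # minimum RAM per element, per the reply above

# Assumed line format: "access-list NAME; N elements; name hash: 0x..."
ELEMENT_LINE = re.compile(r"^\s*access-list\s+(\S+);\s+(\d+)\s+elements", re.M)

# Constructed sample output (not captured from a real device).
SAMPLE_OUTPUT = """
access-list outside_access_in; 120000 elements; name hash: 0x6892a938
access-list inside_access_in; 45000 elements; name hash: 0x433a1af1
access-list dmz_access_in; 1500 elements; name hash: 0x1f2e3d4c
"""

def parse_element_counts(output):
    """Return {acl_name: element_count} for every ACL summary line."""
    return {name: int(count) for name, count in ELEMENT_LINE.findall(output)}

def acl_budget(output, model, warn_ratio=0.8):
    """Compare total elements with the recommended count for `model`."""
    counts = parse_element_counts(output)
    total = sum(counts.values())
    limit = RECOMMENDED_ACES[model]
    if total >= limit:
        status = "over"
    elif total >= warn_ratio * limit:  # warn_ratio is an assumed threshold
        status = "warn"
    else:
        status = "ok"
    return {
        "total_elements": total,
        "recommended": limit,
        "min_ram_bytes": total * MIN_BYTES_PER_ACE,  # lower bound only
        "largest_acl": max(counts, key=counts.get) if counts else None,
        "status": status,
    }

if __name__ == "__main__":
    for model in ("5510", "5520", "5585-60"):
        print(model, acl_budget(SAMPLE_OUTPUT, model))
```

The RAM figure is a lower bound, since 212 bytes is the minimum per element.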
