Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1154
Views
0
Helpful
1
Replies

max connections ( Concurrent Sessions ) on asa5550

startx001
Level 1
Level 1

‎02-02-2017 01:39 AM - edited ‎03-12-2019 01:52 AM

Hi , 

I reached max connections on asa5550 ( Concurrent Sessions )  to 650 000 ,  there is most for UDP . 

I already modified time for connections , and get result to dont reach 650000 , but now aready im reaching 650 000 .

timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:01:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00

Is there any way to lower this for UDP  , to change or i need new ASA ? 

KR

Labels:
0 Helpful
1 Reply 1

Rahul Govindan
VIP Alumni
VIP Alumni

‎02-02-2017 02:38 AM

Modifying the connection time does not help with the connections being built on the ASA, if there are that many connections being built within the time period, you will always run into that trouble.That being said, is all the traffic that you are seeing legitimate traffic? IF not, you can try blocking them with an ACL even before the connection is built. If this is legitimate traffic, I think you might need to scope out a larger ASA to fit your needs.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card