Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
655
Views
0
Helpful
3
Replies

Rate based shun on Cisco Pix

stuart.jones
Level 1
Level 1

‎04-05-2010 09:31 PM - edited ‎03-11-2019 10:29 AM

Hi,

I have a client with a requirement to shun or block traffic from source IPs based on the rate of connections.

So if the Pix were to see 10 SSH connections from the same source IP in a certain period it would block/shun the source IP

This is version 6 code at the minute, though upgrades due shortly but for the minute would need a version 6 solution

Thanks in adavnce for your help

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎04-06-2010 01:25 AM

Not something which is supported on PIX unfortunately.

0 Helpful

stuart.jones
Level 1
Level 1
In response to Jennifer Halim

‎04-06-2010 01:35 AM

Hi halijenn

Thanks for your reply, is it a feature in newer versions of the OS do you know or is it just not a feature at all ?

Wondering if your response was based on version 6.

Thanks

Stu

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to stuart.jones

‎04-06-2010 01:48 AM

The feature is not supported in PIX version 6.x.

In the later version, you can configure "per-client-max" - maximum number of simultaneous connections allowed per client, however, you can't specify the period of time unfortunately.

Here is the command if you are interested:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_connlimits.html#wp1080774

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card