Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
691
Views
0
Helpful
2
Replies

Source IP connection limits

dan731028
Level 1
Level 1

‎07-02-2012 08:08 AM - edited ‎03-11-2019 04:25 PM

I am running a Cisco ASA 5550 in active/standby mode.  We are currently running ASA OS v8.2(3)5.  I am wondering if there is a way I could limit source IP concurrent connections coming in my outside interface.  Does the ASA have a feature/ACL syntax that supports this?

Labels:
0 Helpful
2 Replies 2

alejands
Level 1
Level 1

‎07-02-2012 08:55 AM

Hello,

You can try this with a MFP, creating ACL to match the traffic, create a calss-map to match the ACL, then a polici map to set the class-map wit the feature conn-max, and placing the policy-map on the outside interface.

Here is a configuration example:

access-list  test permit ip host X.X.X.X host Y.Y.Y.Y

  class-map test

  match access-list test

  policy-map test

  class test

  set connection conn-max " <0-65535>  Enter the maximum number of simultaneous connections"

  service-policy test interface "outside

Let me know if this works for you.

0 Helpful

alejands
Level 1
Level 1
In response to alejands

‎07-10-2012 09:33 AM

Hello

Was this helpfull for you?

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card