03-16-2004 09:43 AM - edited 03-09-2019 06:46 AM
I need to limit the amount of connections to an SSL based web server that we will be deploying in our DMZ. I believe this can be accomplished using the static command with the max_conns value. I am just looking for confirmation as I am still relatively new to PIX. Right now the value is 0 which I believe is unlimited. Is it really as simple as setting the value to 'n' where 'n' is the number of connections I want to allow???
03-16-2004 01:23 PM
Yes, editing the max_conns setting will limit the number of tcp_established connections. You don't, however, want to confuse max_conns with the embryonic setting which limits the number of tcp_syn sessions open. The syn sessions are unestablished. If your concern is security, you may want to limit the embryonic setting also.
03-18-2004 09:07 AM
Perfect, thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide