We are so confused with the settings like per-client-max and conn-max in ASA. Here are our settings below for all tcp incoming to interface outside. Class-map: TCP_SYN Set connection policy: conn-max 60000 embryonic-conn-max 200 per-client-max 20...
Hey there, We got one colocation and use one 2960 for all servers with an IP block /26. Now there's a server that has been attacked by DDOS, which causes the whole network to slow down. We plan to buy one Cisco ASA 5512x in the front to prevent this kind of attack. Th...
ASA Version: 8.6(1)2; ASDM Version: 6.6(1); Firewall Mode: Transparent; Device Type: ASA 5525. For the warning related to per-client-max, we can see limit reached like 200/200 even though "sh conn address ip" shows far less than 200. However, for warning related to conn-...
Thanks. Jim. You are correct. ASA can work in transparent mode, which acts like a layer 2 switch. We can keep the IP config unchanged on the switch and add some rules like embryonic-conn-max on the ASA to prevent DDOS attacks. Based on your reply, it seems, if attac...