EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1346 background imageLoading...
Page #1346 background image
1-12
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Connection Settings
Configuring Connection Settings
set connection {[conn-max n]
[embryonic-conn-max n]
[per-client-embryonic-max n]
[per-client-max n] [random-sequence-number
{enable | disable}]}
Example:
hostname(config-pmap-c)# set connection
conn-max 256 random-sequence-number
disable
Sets maximum connection limits or whether TCP sequence
randomization is enabled.
The conn-max n argument sets the maximum number of
simultaneous TCP and/or UDP connections that are allowed,
between 0 and 2000000. The default is 0, which allows unlimited
connections.
If two servers are configured to allow simultaneous TCP and/or
UDP connections, the connection limit is applied to each
configured server separately.
When configured under a class, this argument restricts the
maximum number of simultaneous connections that are allowed
for the entire class. In this case, one attack host can consume all
the connections and leave none of the rest of the hosts matched in
the access list under the class.
The embryonic-conn-max n argument sets the maximum number
of simultaneous embryonic connections allowed, between 0 and
2000000. The default is 0, which allows unlimited connections.
The per-client-embryonic-max n argument sets the maximum
number of simultaneous embryonic connections allowed per
client, between 0 and 2000000. The default is 0, which allows
unlimited connections.
The per-client-max n argument sets the maximum number of
simultaneous connections allowed per client, between 0 and
2000000. The default is 0, which allows unlimited connections.
When configured under a class, this argument restricts the
maximum number of simultaneous connections that are allowed
for each host that is matched through an access list under the
class.
The random-sequence-number {enable | disable} keyword
enables or disables TCP sequence number randomization. See the
“TCP Sequence Randomization” section on page 1-3 section for
more information.
You can enter this command all on one line (in any order), or you
can enter each attribute as a separate command. The ASA
combines the command into one line in the running configuration.
Note For management traffic, you can only set the conn-max
and embryonic-conn-max keywords.
Command Purpose

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals