Security Mode Configuration Commands
165
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Session Limit, Time-Out, and Advanced Commands
security firewall session_limit configure
This command configures global session limits. After you have issued the security
firewall session_limit configure command, you enter the
security-config [session-limit] mode, and then you can configure one keyword and associated
parameter or associated keyword at a time in the order that you prefer.
Step 1 Format security firewall session_limit configure
Mode security
Step 2 Format enable {Y | N}
session_limit_control {Single_IP_cannot_Exceed |
When_Single_IP_Exceed}
conn_limit_type {Percentage_Of_MaxSessions | Number_Of_Sessions}
user_limit <number>
block_new_session {Block_IP_to_add_new_session
{block_IP_to_add_new_session_for_time <seconds>} |
Block_IPs_all_connections {block_IPs_all_connections_for_time
<seconds>}}
Mode security-config [session-limit]
Keyword Associated Keyword to Select or
Parameter to Type
Description
enable Y or N Enables or disables session limits.
session_limit_control When_Single_IP_Exceed or
Single_IP_cannot_Exceed
Specifies how limit control is
implemented:
• When_Single_IP_Exceed. When
the limit is reached, no new
session is allowed from the IP
address for a specified period, or
all sessions from the IP address
are terminated and new sessions
are blocked for a specified period.
Issue the conn_limit_type
keyword to specify the type of
session limit and issue the
block_new_session keyword
to specify the type of blockage.
• Single_IP_cannot_Exceed.
When the limit is reached, no new
session is allowed from the IP
address. A new session is
allowed only when an existing
session is terminated or times
out. Issue the
conn_limit_type keyword to
specify the type of session limit.
To Next Page
Loading...
