Security Mode Configuration Commands
166
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Command example:
SRX5308>
security firewall session_limit configure
security-config[session-limit]>
enable Y
security-config[session-limit]>
session_limit_control When_Single_IP_Exceed
conn_limit_type Percentage_Of_MaxSessions or
Number_Of_Sessions
Specifies the type of session limits:
• Percentage_Of_MaxSessions.
Specifies a percentage of the total
session-connection capacity on
the VPN firewall. Issue the
user_limit keyword to specify
a percentage of the total session
connection.
• Number_Of_Sessions. Specifies
an absolute number of maximum
sessions. Issue the user_limit
keyword to specify an absolute
number of maximum sessions.
user_limit number The percentage of the total
session-connection capacity on the
VPN firewall or an absolute number
of maximum sessions.
block_new_session Block_IP_to_add_new_session
or Block_IPs_all_connections
Specifies the type of blockage:
• Block_IP_to_add_new_session.
No new session is allowed from
the IP address for a period. Issue
the
block_IP_to_add_new_session_
for_time keyword
to specify the
period in seconds.
• Block_IPs_all_connections. All
sessions from the IP address are
terminated, and new sessions are
blocked for a period. Issue the
block_IPs_all_connections
_for_time keyword to specify
the period in seconds.
These options are available only if
the session_limit_control
keyword is set to
When_Single_IP_Exceed.
block_IP_to_add_new_session
_for_time
seconds The period during which no new
session is allowed from the IP
address.
block_IPs_all_connections_
for_time
seconds The period during which all
sessions are blocked from the IP
address.
Keyword Associated Keyword to Select or
Parameter to Type
Description
To Next Page
Loading...
