Firewall Wizards mailing list archives

RE: PIX Questions.


From: "Doug Sax" <dsax () syseng com>
Date: Mon, 17 Mar 2003 18:30:39 -0500

Try

static (dmz,outside) external_ip internal_ip netmask 255.255.255.255 10000 0

Or if using port redirection.

static (dmz,outside) tcp interface smtp internal_ip smtp netmask 255.255.255.255 10000 0

10000 is the number of concurrent connections allowed to that server.

-----Original Message-----
From: George J. Jahchan, Eng. [mailto:Firewall-Wizards () Compucenter org] 
Sent: Monday, March 17, 2003 13:50
To: Firewall Wizards
Subject: [fw-wiz] PIX Questions.


I need to limit the maximum number of simultaneous inbound connections
to a server through a PIX 515 (6.22). I did not select it, but that is
what I have to work with. Is it possible to limit the number of inbound
connections it will allow as follows:

Maximum number of simultaneous connections from all IP addresses to a
host/port combo in DMZ.

Maximum number of simultaneous connections from the same IP address to a
host/port combo in DMZ.

I know the Lucent Brick allows the first item and NetFilter/IPtables
(with some P-O-M patches) allows both limitations. How about the PIX?
TIA

_______________________________________________
firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards