Cisco Cisco ASA 5512-X Adaptive Security Appliance - No Payload Encryption Manual Técnica
17
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(1)
Connection Limits
Connection Limits
This XML example shows connection limits associated with interfaces (global connection limits are not
supported), matches any traffic, and sets up the maximum number of connections that are allowed. Also
included are connection limits on internal and external interfaces.
supported), matches any traffic, and sets up the maximum number of connections that are allowed. Also
included are connection limits on internal and external interfaces.
ASA Configuration
class-map connlimits_internalIf
match any
policy-map internalIf
class connlimits_internalIf
set connection conn-max 654 embryonic-conn-max 456
service-policy internalIf interface internalIf
XML Example
<polUni>
<fvTenant name="tenant1">
<vnsAbsGraph name = "WebGraph">
<vnsAbsNode name = "FW1">
<vnsAbsDevCfg>
<vnsAbsFolder key="Interface" name="internalIf">
<vnsAbsFolder key="ServicePolicy" name="ConLim-Policy">
<vnsAbsParam key="ServicePolicyState" name="PolicyState" value="enable"/>
<vnsAbsFolder key="ConnectionLimits" name="ConnLim">
<vnsAbsFolder key="ConnectionSettings" name="ConnectionSettingsA">
<vnsAbsParam key="conn_max" name="conn_max" value="654"/>
<vnsAbsParam key="conn_max_embryonic" name="conn_max_embryonic"
value="456"/>
</vnsAbsFolder>
</vnsAbsFolder>
</vnsAbsFolder>
</vnsAbsFolder>
</vnsAbsDevCfg>
</vnsAbsNode>
</vnsAbsGraph>
</fvTenant>
</polUni>