Document Text Contents
Page 127
Case Study: Out of Memory
Step 9: Limit Infected Host(s) Impact on Network
• Configure the MAX TCP connections for NATed hosts to be
50
• Note: The local-host must be cleared before the new
connection limits are applied
pixfirewall(config)# nat (inside) 1 0.0.0.0 0.0.0.0 50 0
Copyright 2005
pixfirewall(config)# clear local-host 10.1.1.99
pixfirewall(config)# show local-host 10.1.1.99
Interface inside: 250 active, 250 maximum active, 0 denied
local host: <10.1.1.99>,
TCP connection count/limit = 50/50
TCP embryonic count = 50
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
. . .
The Infected Host Is
Limited to 50 TCP
Connections
Case Study: Out of Memory
Step 9: Limit Infected Host(s) Impact on Network
• Configure the MAX TCP connections for NATed hosts to be
50
• Note: The local-host must be cleared before the new
connection limits are applied
pixfirewall(config)# nat (inside) 1 0.0.0.0 0.0.0.0 50 0
Copyright 2005
pixfirewall(config)# clear local-host 10.1.1.99
pixfirewall(config)# show local-host 10.1.1.99
Interface inside: 250 active, 250 maximum active, 0 denied
local host: <10.1.1.99>,
TCP connection count/limit = 50/50
TCP embryonic count = 50
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
. . .
The Infected Host Is
Limited to 50 TCP
Connections
