60-11
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter60 Configuring the ASA CSC Module
Configuring the CSC SSM
Step6 set connection per-client-max n
Example:
hostname(config-pmap-c)# set connection
per-client-max 5
Lets you configure limits to thwart DoS attacks. The
per-client-max parameter limits the maximum
number of connections that individual clients can
open. If a client uses more network resources
simultaneously than is desired, you can enforce a
per-client limit for simultaneous connections that the
ASA diverts to the CSC SSM. The n argument is the
maximum number of simultaneous connections that
the ASA allows per client. This command prevents a
single client from abusing the services of the CSC
SSM or any server protected by the SSM, including
prevention of attempts at DoS attacks on
HTTP/HTTPS, FTP, POP3, or SMTP servers that the
CSC SSM protects.
Command Purpose