Hi there,
I am trying to limit UDP connections initiated from a higher level sec int to a lower level sec int, aka my internal users to the internet.
I'm using static mapping as so:
static (inside,outside) x.24.110.26 192.168.1.110 netmask 255.255.255.255 50 10
Thing is I can't seem to get the UDP connection limit emphasized. I do get the TCP limit working as it shows below but no luck for UDP. I'm aware UDP is connectionless but the Cisco docs for the static command clearly say: "Specifies the maximum number of simultaneous TCP and UDP connections for the entire subnet"
Could anyone shed some light on this? Using a Cisco PIX Firewall 506, Unlimited License, OS Version 6.3(5). I appreciate it.
Aless Gsurfnet
pix6# sh local-host 192.168.1.110
Interface inside: 345 active, 404 maximum active, 0 denied
local host: ,
    TCP connection count/limit = 50/50
    TCP embryonic count = 2
    TCP intercept watermark = 10
    UDP connection count/limit = 342/unlimited
  AAA:
  Xlate(s):
    Global x.24.110.26 Local 192.168.1.110