Cisco ASA Series Cli Configuration Manual page 239
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Configuring Multiple Context Mode
Table 1-1
Resource Names and Limits (continued)
Resource
Rate or
Name
Concurrent
syslogs
Rate
telnet
Concurrent
2
xlates
Concurrent
1. If this column value is N/A, then you cannot set a percentage of the resource because there is no hard system limit for the resource.
2. Syslog messages are generated for whichever limit is lower xlates or conns. For example, if you set the xlates limit to 7 and the conns to 9, then the ASA
only generates syslog message 321001 ("Resource 'xlates' limit of 7 reached for context 'ctx1'") and not 321002 ("Resource 'conn rate' limit of 5 reached
for context 'ctx1'").
Detailed Steps
Command
Step 1
class name
Example:
hostname(config)# class gold
Step 2
limit-resource [rate] resource_name
number[%]
Example:
hostname(config-class)# limit-resource
rate inspects 10
Examples
For example, to set the default class limit for conns to 10 percent instead of unlimited, and to allow 5
site-to-site VPN tunnels with 2 tunnels allowed for VPN burst, enter the following commands:
hostname(config)# class default
hostname(config-class)# limit-resource conns 10%
hostname(config-class)# limit-resource vpn other 5
hostname(config-class)# limit-resource vpn burst other 2
All other resources remain at unlimited.
To add a class called gold, enter the following commands:
hostname(config)# class gold
hostname(config-class)# limit-resource mac-addresses 10000
hostname(config-class)# limit-resource conns 15%
Minimum and
Maximum
Number per
Context
System Limit
N/A
N/A
1 minimum
100
5 maximum
N/A
N/A
1
Description
Syslog messages per second.
Telnet sessions.
Network address translations.
Purpose
Specifies the class name and enters the class configuration mode.
The name is a string up to 20 characters long. To set the limits for
the default class, enter default for the name.
Sets the resource limit for a resource type. See
of resource types. If you specify all, then all resources are
configured with the same value. If you also specify a value for a
particular resource, the limit overrides the limit set for all.
Enter the rate argument to set the rate per second for certain
resources.
For most resources, specify 0 for the number to set the resource to
be unlimited or to be the system limit, if available. For VPN
resources, 0 sets the limit to none.
For resources that do not have a system limit, you cannot set the
percentage (%); you can only set an absolute value.
Cisco ASA Series CLI Configuration Guide
Configuring Multiple Contexts
Table 1-1
for a list
1-19
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
