Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
mrchrisosburn
New Contributor II
‎09-18-2013 02:03 PM

Is there a way to limiting the maximum number of sessions an ACL can have or by Source IP?

Jump to solution

We have been having issues which our mail server is getting SMTP DOS attacked.

Is there a way which i can limit the number of concurrent sessions based off IP or even using an ACL?

I have found documentation on doing this through an ACP but i dont believe this will work.

Labels (1)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎09-19-2013 05:14 PM

Re: Is there a way to limiting the maximum number of sessions an ACL can have or by Source IP?

Jump to solution

:

Thank you for asking this question in the Support Community.  If you are getting DoS attacks, then maybe you can use the ip policy-class <name> max-host-sessions <number> command to alter settings for an access control policy (ACP).  The <number> specifies the maximum number of allowed ACP sessions that can be created from each unique source address. This command is used in conjunction with a named ACP and only applies the limit to that particular ACP.

Let me know if you have any questions on this command or the application.  I will be happy to help in any way I can.

Levi

View solution in original post

Reply
2 Replies
Anonymous
Not applicable
‎09-19-2013 05:14 PM

Re: Is there a way to limiting the maximum number of sessions an ACL can have or by Source IP?

Jump to solution

:

Thank you for asking this question in the Support Community.  If you are getting DoS attacks, then maybe you can use the ip policy-class <name> max-host-sessions <number> command to alter settings for an access control policy (ACP).  The <number> specifies the maximum number of allowed ACP sessions that can be created from each unique source address. This command is used in conjunction with a named ACP and only applies the limit to that particular ACP.

Let me know if you have any questions on this command or the application.  I will be happy to help in any way I can.

Levi

Reply
mrchrisosburn
New Contributor II
‎09-19-2013 05:46 PM

Re: Is there a way to limiting the maximum number of sessions an ACL can have or by Source IP?

Jump to solution

Thanks Levi,

I did get the command issued without issue. The attacks are random and we will see if this helps the issue.

Thanks again

-Christopher

0 Kudos
Accept as Solution Reply