Cisco ASA Audit Event: 201013

201013: Per-client connection limit exceeded

Cisco ASA is a security device that provides the combined capabilities of a firewall, an antivirus, and an intrusion prevention system. It also facilitates virtual private network (VPN) connections.It helps to detect threats and stop attacks before they spread through the network.

Message: %ASA-3-201013: Per-client connection limit exceeded curr num/limitfor [input|output] packet fromip / port to ip/port on interface interface_name.

Event 201013 is generated when a connection is rejected because the per-client connection limit is exceeded. The message contains information on the:

  • Current number.
  • Configured limit.
  • Input or output packet on the interface.
  • IP address.
  • Port number.
  • Name of the interface on which the policy is applied.

How could you resolve this situation?

If an application has a legitimate need for a higher number of concurrent connections, you can adjust the setting by entering the 'set connection per-client-max'command.

Cisco ASA Auditing Tool

EventLog Analyzer is a comprehensive log management software with which you can centrally collect, analyze, and manage logs from all the different log sources in your network. You also get reports and alerts on your network security, making it a power-packed IT security tool.