201012: Per-client embryonic connection limit exceeded
Cisco ASA is a security device that provides the combined capabilities of a firewall, an antivirus, and an intrusion prevention system. It also facilitates virtual private network (VPN) connections.It helps to detect threats and stop attacks before they spread through the network.
Message: %ASA-6-201012:Per-client embryonic connection limit exceeded curr num/limitfor [input|output] packet from IP_address/port to ip /port on interface interface_name.
Event 201012 is generated when an attempt to establish a TCP connection fails because the per-client embryonic connection limit is exceeded. The message contains information on the:
- Current number.
- Configured limit.
- Input or output packet on the interface.
- IP address.
- Port number.
- Name of the interface on which the policy is applied.
How could you resolve this situation?
If the event creates a problem for any application that has a legitimate need for a higher number of embryonic connections, you can adjust the setting by entering the 'set connection per-client-embryonic-max'command.