Alert Headline: Connection table limit approaching or reached

Description:

There are 24,125 concurrent connections while the limit is 25000. The connection table limit should be increased to ensure uninterrupted operation.

Indeni will re-check this alert every 1 minute. If Indeni determines the issue has been resolved, it will automatically be flagged as such.

Manual Remediation Steps:

In many cases, a sudden spike in connections has been attributed to a worm or misbehaving application. If you have ruled this out, consider the following solutions:

  1. Locate the maximum concurrent connections setting for the firewall (normally found in the object’s properties) and increase the value. The increase should be done gradually and with care as it will also increase the memory usage of the firewall.
  2. Turn on Aggressive Aging to have connections removed as quick as possible.
  3. In the SmartDashboard, go to Policy->Global Properties and in the Stateful Inspection tab reduce the TCP end timeout to 5 seconds. Please refer to the firewall’s user manual for more information on what the TCP end timeout is.
  4. Use Indeni’s debugging tools to list the connections.
  5. Upgrade to Gaia as the connection table limit issue has been resolved there.

See what other issues lurk in your Check Point firewall

Take Indeni out for a test drive.

Fill out the form here.

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.