| Message Code | PIX-2-201003 |
| Severity | Critical |
| Description | Embryonic limit exceeded nconns/elimit for outside_address/outside_port (global_address) inside_address/inside_port on interface interface_name |
| Explanation | "This is a connection-related message regarding traffic to the Cisco ASA . This message is displayed when the number of embryonic connections from the specified foreign address with the specified static global address to the specified local address exceeds the embryonic limit. When the limit on embryonic connections to the Cisco ASA is reached, the Cisco ASA attempts to accept them anyway, but puts a time limit on the connections. This situation allows some connections to succeed even if the Cisco ASA is very busy. The nconns variable lists the number of embryonic connections received and the elimit variable lists the maximum number of embryonic connections specified in the static or nat command." |
| User Action | This message indicates a more serious overload than message 201002. It could be caused by a SYN attack, or by a very heavy load of legitimate traffic. Use the show static command to check the limit imposed on embryonic connections to a static address. |
| Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.