This alarm is a roll-up of the alarm in the Network Security component and indicates that the "Current State Entres" counter has reached critical levels.
This alarm is a roll-up of the alarm in the Network Security component. This alarm indicates that the "Current State Entries" counter (under the ‘IPSec DOS Protection’ object in perfmon) has exceeded critical levels. "Current state Entries" is the number of active state entries in the table. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface.
To perform this procedure, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.
Use the following Netsh command to adjust the maximum number of active sessions defined in this server:
netsh ipsecdosprotection set miscellaneous maxentries=<no. of entries>
Maxentries can range from 1 to 4294967295.
Target | DirectAccess_Server_Class |
Parent Monitor | System.Health.ConfigurationState |
Algorithm | WorstOf |
Source Monitor | Network_Security_StateUtil_Critical |
Relationship | DirectAccess_Server.Network_Security |
Category | Custom |
Enabled | True |
Alert Generate | False |
Alert Auto Resolve | False |
Remotable | True |
Accessibility | Public |
<DependencyMonitor ID="DirectAccess_Server_Configuration_NetworkSecurity_State.Util.Critical" Accessibility="Public" Enabled="true" Target="DirectAccess_Server_Class" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" RelationshipType="DirectAccess_Server.Network_Security" MemberMonitor="Network_Security_StateUtil_Critical">
<Category>Custom</Category>
<Algorithm>WorstOf</Algorithm>
<MemberUnAvailable>Error</MemberUnAvailable>
</DependencyMonitor>