GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Connect » Too many simultaneous connections - but in reality it's different. (User cannot login into the mailbox. There aren't 150 simultaneous connections like it's written in the log.)
Too many simultaneous connections - but in reality it's different. [message #145400] Fri, 29 March 2019 14:52 Go to next message
devlin is currently offline  devlin
Messages: 11
Registered: March 2019
Hello,
I have a problem. I have one user who cannot from time to time access his mailbox. Webmail is throwing "No internet connection" etc.. And in the log on the mailserver are there logs:

"HTTPS connection from IP address 10.0.10.11 rejected: too many simultaneous connections (151 connections, limit 150)"

Kerio Connect is running on Windows Server 2012 R2. And when I check connections on that server, there are almost no connections from that IP address. Maybe 2 or 3, not 150! In this situation I have to move client to different IP address or restart Kerio Connect.

Version of Kerio Connect is 9.2.7 patch 3 (4225).

User has second notebook and on both of them he was dealing with this.

What could be cause of this? Has anyone else experienced this?
Re: Too many simultaneous connections - but in reality it's different. [message #145411 is a reply to message #145400] Mon, 01 April 2019 15:35 Go to previous messageGo to next message
Carconnex is currently offline  Carconnex
Messages: 67
Registered: November 2016
Location: Belgium
I think it's the total amount of https connection that the system counts. (not only the connections from one ip)
We had the same issue and I resolved it by doing the following steps:

- stop Kerio Connect
- edit manually mailserver.cfg :
...
Section:
<table name="service-https">
<variable name="MaxConnectionsIP">100</variable>
change 100 to 600 for example

- save
- start Kerio Connect

[Updated on: Mon, 01 April 2019 15:36]

Report message to a moderator

Re: Too many simultaneous connections - but in reality it's different. [message #145416 is a reply to message #145411] Tue, 02 April 2019 10:09 Go to previous messageGo to next message
gfilogin2019 is currently offline  gfilogin2019
Messages: 1
Registered: April 2019
I have the same problem with
Apple OSX 10.12.4 as KERIO Connect-Server
with Kerio Connect version 9.2.7 patch 3
total we have 15 Clients (5 are Windows and 10 are Apple OSX)

I have the message after my update from Kerio V8.x to V9x
[01/Apr/2019 07:40:05] HTTP connection from IP address 192.168.1.223 rejected: too many simultaneous connections (1001 connections, limit 1000)


What have i done?

I changed in mailserver.cfg:
<table name="service-http">
<variable name="MaxConnectionsIP">1000</variable>
and
<table name="service-https">
<variable name="MaxConnectionsIP">1000</variable>


But the problem was still there - every 4 days, one inhouse-client is blocked. Then i have to restart the Kerio-Mail-Server. This works than for another 4 days......

In the different Forum i read "change <table name="service-https">
<variable name="MaxConnectionsIP">300</variable>" - ich changed to 1000.

In my case, the problem with the blocked IP is only with 2 Windows-Clients. So i believe, there is something on this windows-clients, that makes "too many simultaneous connections" it must not be a kerio/gfi-problem at all.

The bad thing on this is, that Mail-Server are very important in the companies. So i hope, i can fix this problem in near future.
Re: Too many simultaneous connections - but in reality it's different. [message #145436 is a reply to message #145416] Wed, 03 April 2019 20:40 Go to previous messageGo to next message
scottwilkins is currently offline  scottwilkins
Messages: 103
Registered: May 2006
Location: Tulsa, OK
I'm seeing similar issues in 9.2.7 One or two clients will get a lot of connections, but the symptom is they stop receiving e-mail. They use KOFF under Outlook 2016. After closing all, and even shutting down the computers the connections remain and e-mail still does not flow. Checking the files, there are new messages in their inbox, but they won't flow down to Outlook. A reboot of the mail server is what has fixed it so far, but it happens again in a few days. Something seems messed up between KOFF and Kerio Server.
Re: Too many simultaneous connections - but in reality it's different. [message #145470 is a reply to message #145436] Mon, 08 April 2019 16:53 Go to previous messageGo to next message
Maerad is currently offline  Maerad
Messages: 275
Registered: August 2013
First of all, you can change the settings in the admin GUI. Services > click a service > access > max. number of concurrent connections.
Also check if you have the ip address groups right (all local IP's) and if under SMTP SErver > Security Options those are excliuded "do not apply to ip address group".

Otherwise, instead of trying something, enable additonal debug logs and check the security log, to find the reason WHY the client(s) was/were banned or how many connection trys are there.
You can see how many connections are open in Status > Active connections.

Also the thing that shouldn't happen is a block because of too many http connections. I have disabled the http service and do a url rewrite with IIS to the https site. IMHO there shouldn't be HTTP open in any case. Or at least turn to requite encrypted connection on under the security tab (Security Policy).

If there are over 1k open HTTP concurrent connections, somethings not right.
Re: Too many simultaneous connections - but in reality it's different. [message #146020 is a reply to message #145400] Fri, 21 June 2019 11:20 Go to previous messageGo to next message
devlin is currently offline  devlin
Messages: 11
Registered: March 2019
2 Carconnex:

I know I can raise "MaxConnectionsIP" value, but this is only delaying problem. And yes, it looks like it's total amount of https connections that system counts, not connections from one IP. But I can't understand, why after reaching this limit is blocked always the same user.

2 Maerad:

I have 1000 as a max number of concurrent connections. "MaxConnectionsIP" limit looks like it's limiting us.

There's nothing in security log. Only one kind of message repeating as the user wants to get into his mailbox:
"HTTPS connection from IP address 192.168.1.55 rejected: too many simultaneous connections (151 connections, limit 150)"

What kind of debug log I have to check to see something related to this problem?

I have HTTP disabled. There is only HTTPS allowed.
Re: Too many simultaneous connections - but in reality it's different. [message #146063 is a reply to message #146020] Tue, 25 June 2019 12:33 Go to previous messageGo to next message
Maerad is currently offline  Maerad
Messages: 275
Registered: August 2013
Debug Log I would say anything with network etc. and look out for something like "timeout" or whatever. Really depends on what he uses and where the problem comes from, you need to try this a bit.

How does he connect to the server? Only Webclient? Kerio Client? KOFF?

Does he use another browser like the rest of the users? Any addons in it like speed up ones? Antivirussolution with additional firewall/IDS or Browser Protection Plugin?

It could be, if he uses an addon to increase the speed or firewall from some tool, that the TCP connection to the server gets severed and the timeout for those is quite high. So he builds up a connection like every 2 seconds while the other ones are still "active". Or in case of some download optimizing stuff, the browser opens not one but multiple connections to the server from this IP.

Also open a admin cmd on server and client and do a netstat -a (or some other options, ask -? for the details) to check, how many connections are really there from the client.
Re: Too many simultaneous connections - but in reality it's different. [message #147368 is a reply to message #146063] Thu, 09 January 2020 16:16 Go to previous messageGo to next message
zebby is currently offline  zebby
Messages: 154
Registered: March 2009
Bump.
We're now seeing this. Exactly the same symptoms as above, one IP getting blocked with
HTTPS connection from IP address xxx.xxx.xxx.xxx rejected: too many simultaneous connections (101 connections, limit 100)

Have upped the limit to 1000 in mailserver.cfg but this can only be a sticking plaster, not a real fix.

Re: Too many simultaneous connections - but in reality it's different. [message #147369 is a reply to message #147368] Thu, 09 January 2020 17:07 Go to previous messageGo to next message
ian.bugeja is currently offline  ian.bugeja
Messages: 666
Registered: March 2017
Location: Malta
Do you have a proxy in front of Kerio Connect?

Ian Bugeja
GFI Software
Re: Too many simultaneous connections - but in reality it's different. [message #147371 is a reply to message #147369] Thu, 09 January 2020 17:30 Go to previous messageGo to next message
zebby is currently offline  zebby
Messages: 154
Registered: March 2009
ian.bugeja wrote on Thu, 09 January 2020 16:07
Do you have a proxy in front of Kerio Connect?
We do, and we don't...
Machines on the LAN don't touch the proxy to get to KC, the IP in the log is of an individual PC.
I'd expect to see the IP of the proxy if this was the cause? Or am I barking up the wrong tree here?

Re: Too many simultaneous connections - but in reality it's different. [message #149143 is a reply to message #145400] Tue, 08 December 2020 09:19 Go to previous messageGo to next message
ZZZKOT is currently offline  ZZZKOT
Messages: 27
Registered: September 2019
Hello!

I know this is an old topic. But it only considered a proposal to bypass the limitation in the number of connections.

I want to write about the cause of the problem - at least in our case.
A user with such a problem had a smart speaker connected to his home WiFi. This device seems to somehow monitor the home network, intercept requests from other devices and "spam" requests to that IPs. In our case, it was our Kerio Connect mailserver IP.
As a result, mail stopped working on the user's laptop, and our mail server issued data messages about exceeding the limit of HTTPS connections.
Re: Too many simultaneous connections - but in reality it's different. [message #149146 is a reply to message #149143] Tue, 08 December 2020 22:22 Go to previous messageGo to next message
j.a.duke is currently offline  j.a.duke
Messages: 239
Registered: October 2006
ZZZKOT wrote on Tue, 08 December 2020 03:19
Hello!

I know this is an old topic. But it only considered a proposal to bypass the limitation in the number of connections.

I want to write about the cause of the problem - at least in our case.
A user with such a problem had a smart speaker connected to his home WiFi. This device seems to somehow monitor the home network, intercept requests from other devices and "spam" requests to that IPs. In our case, it was our Kerio Connect mailserver IP.
As a result, mail stopped working on the user's laptop, and our mail server issued data messages about exceeding the limit of HTTPS connections.
Which smart speaker? I would like to know because I'm often asked about technology products in general and would like to know if a given product would cause problems.

Thanks.

Cheers,
Jon
Re: Too many simultaneous connections - but in reality it's different. [message #150433 is a reply to message #149146] Sun, 31 October 2021 16:52 Go to previous message
torbianchi is currently offline  torbianchi
Messages: 3
Registered: October 2021
I have the same problem. I modified the mailserver.cfg to 500 but the message is still the same; it goes on checking up to 100 connection on a given IP. I tried 600, 100 350 in the mailserver.cfg but never changes (of course the mailserver.cfg has been made after stopping kerio-connect). I'm running 9.3.1 patch 1 (5492 build) with 550 users over centos 7
Previous Topic: WIndows 11 built in email client show warning
Next Topic: Domain setting: delete all mails older than x years - when does it run?
Goto Forum:
  


Current Time: Tue Dec 06 09:10:37 CET 2022

Total time taken to generate the page: 0.02802 seconds