Overview

When the MaxConnectionsIP limit is reached, some users won't be able to log in to the webmail or Outlook, and the following message will appear in the Security logs:

HTTP connection from IP address 192.168.x.x rejected: too many simultaneous connections (101 connections, limit 100)

The default limit is 100 per IP address. You may need a higher limit if you are using shared public IP for the Company office or having a large number of users.

Prerequisites

Administrator (root) access to the Kerio Connect server

Diagnosis

Multiple Email-client connections are being transferred from a single IP address.

Solution

This workaround applies to other Kerio Connect services, such as XMPP, IMAP, POP3, etc. You will need to increase the same variable in the corresponding table.

Stop Kerio Connect.
Navigate to your Kerio MailServer folder, default paths are below:
- Windows: C:\Program Files\Kerio\MailServer\
- Mac: /usr/local/kerio/mailserver/
- Linux: /opt/kerio/mailserver/
Open the mailserver.cfg file, and locate the table names service-http and service-https.
Note: For other Kerio Connect services, the tables would be:
- XMPP: service-xmpp
- IMAP: service-imap
- POP3: service-pop3
Edit the variable MaxConnectionsIP from the default number to a suitable value for your environment under both tables.

Note: The safe limit, according to our Infrastructure and Development teams, is 600. But the value might be smaller depending on your Company Infrastructure.
Save the changes and start Kerio Connect.

Testing

Monitor Kerio Connect Active Connections and Security logs. Ask the Kerio Connect users to confirm the Email clients' stability improved or was back to normal.

Articles in this section

Rejected: too many simultaneous connections

Overview

Prerequisites

Diagnosis

Solution

Testing

Articles in this section

Overview

Prerequisites

Diagnosis

Solution

Testing

Related articles