Overview
Some users cannot log in to the Kerio Connect webmail or Outlook and the following message appears in the Security logs:
HTTP connection from IP address 192.168.x.x rejected: too many simultaneous connections (101 connections, limit 100)
This happens when the MaxConnectionsIP limit is reached. This limit occurs when more users are connected from the same IP address. This article provides a solution for increasing this limit and resolving the issue.
Prerequisites
Administrator (root) access to the Kerio Connect server
Diagnosis
Multiple Email-client connections are being transferred from a single IP address.
Solution
The default limit for MaxConnectionsIP is 100 per IP address. A higher limit should be set if you are using shared public IP for the Company office or having a large number of users. This change is required if you have already reached this limit and there are more users that will be logging in from the same IP address.
-
Navigate to your Kerio MailServer folder, default paths are below:
-
Windows:
C:\Program Files\Kerio\MailServer\ -
Mac:
/usr/local/kerio/mailserver/ -
Linux:
/opt/kerio/mailserver/
-
-
Open the
mailserver.cfgfile, and locate the table namesservice-httpandservice-https.Note: For other Kerio Connect services, the tables would be:-
XMPP:
service-xmpp -
IMAP:
service-imap -
POP3:
service-pop3
-
-
Edit the variable
MaxConnectionsIPfrom the default number to a suitable value for your environment under both tables.
Note: The safe limit, according to our Infrastructure and Development teams, is 600. But the value might be smaller depending on your Company Infrastructure. -
Save the changes and start Kerio Connect.
Testing
Monitor Kerio Connect Active Connections and Security logs. Ask the Kerio Connect users to confirm the Email clients' stability improved or was back to normal.