Firewall Capabilities

Number of Supported Firewall Rules

There is no software-defined limit to the number of rules that may be created. A safe upper limit, due to potential hardware constraints, would be 25,000 lines.

Encrypted Throughput Capacity

AES-128 was used for testing encrypted throughput on Accelerated LTE routers, yielding the following results:


Download Upload
CX Series 150 Mbps 50 Mbps
SR Series 100 Mbps 50 Mbps

Concurrent Sessions

Default settings allow 8,192 concurrent sessions though this value can be adjusted via custom configuration.

The maximum is 65,536 -- though this assumes sessions are short lived and/ or low-bandwidth -- a good upper limit is 10,000.

New Sessions per Second

No limit exists in the software, though a safe upper limit would be 150 sessions.

Wildcard IP Support

Wildcard IPs are supported via custom firewall rules (iptables), which leverage CIDR networking to set up a range of IPs (e.g. 192.168.0.1/24).

FQDN Support

FQDN is supported via custom firewall rules (iptables).

However, the FQDN is resolved at the time of process/applying the firewall rule, not with each packet inspected. Meaning, if the IP of a domain changes, the firewall rule will not apply to the new IP address. You would have to reload the firewall for the device to resolve the domain to the new IP. It is better to stick with IP addresses in firewall rules instead of FQDNs.