Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Created: 14 Feb 2008 • Updated: 21 May 2010 | 4 comments

The error below appears shortly after an install of SEP 11.0.1 client on Windows XP SP2. Symantec of course has been no help except uninstall/reinstall which does not work. So far I have seen this on several PC's, all of which are XP SP2 machines.

Event Type:    Warning
Event Source:    Tcpip
Event Category:    None
Event ID:    4226
Date:        2/13/2008
Time:        8:10:06 PM
User:        N/A
Computer:    CLIENT-xxxxx
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00   ......T.
0008: 00 00 00 00 82 10 00 80   .... ..
0010: 01 00 00 00 00 00 00 00   ........
0018: 00 00 00 00 00 00 00 00   ........
0020: 00 00 00 00 00 00 00 00   ........

Comments 4 CommentsJump to latest comment

Russ H's picture
I think you are running into XP's concurrent connection limit (5 if I remember correctly). Try changing from PUSH to PULL mode (Clients > (select a group) > Policy (tab, right hand side) > Communication Settings) and see if that helps.
KeithT's picture

It's actually 10 connections. I changed to pull mode, and that did not help. The clients are still getting tons of mrxsmb errors in the event log.

GrahamA's picture
When you see this error on a PC, could you open a DOS command line and run the command 'netstat -anb > output.txt', then review the output.txt file in notepad. Look for the established/open connections. Please send us the relevant parts of the netstat output for review if you can. Many thanks.
 
The -b will confirm which process is using the port, smc.exe is the SEP client process so we can look out for that.

GrahamA Product Management, Symantec Security Solutions