cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1132
Views
0
Helpful
1
Replies

FWSM: Tcp connection timeout per service?

pweichmann
Level 1
Level 1

Hi,

I was used (netscreen) that I could set a tcp connection timeout per service, e.g. custom service tcp/9444 timeout 02:00:00.

But with the FWSM I could only specify a connection timeout for all tcp connections? Is that true or is there a way to specify it only for certain connections?

1 Accepted Solution

Accepted Solutions

Jon Marshall
Hall of Fame
Hall of Fame

Hi

It depends on which version of code you are running on your FWSM. Roughly speaking

2.x = pix 6.x

3.x = pix 7.x

On pix 6.x you could only set the timeout globally for all tcp connections. With v7.x you can do it on a per port basis. So if you have v3.x on your FWSM yes you can do this.

See attached link for more details

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/mpf_f.html

HTH

Jon

View solution in original post

1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

Hi

It depends on which version of code you are running on your FWSM. Roughly speaking

2.x = pix 6.x

3.x = pix 7.x

On pix 6.x you could only set the timeout globally for all tcp connections. With v7.x you can do it on a per port basis. So if you have v3.x on your FWSM yes you can do this.

See attached link for more details

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/mpf_f.html

HTH

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: