The FWSM's and ASA's have default connection timeout values, but I need to know if conn timeout values can be defined for individual ports like tcp/udp 111 and others?
I see the following default global connection timeout values as such:
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
Connection timeouts can be defined on a per port basis. Create an access-list to match the traffic. then create a class-map to match the access-list. Apply the class with a service policy.
access-list ABC-Traffic extended permit tcp host 10.25.35.10 10.25.45.0 255.255.255.0 eq 23
match access-list ABC-Traffic
set connection timeout tcp 12:00:00