Global timeouts

Unanswered Question
Apr 27th, 2009

Hello to all.

The connection timeouts on ASA firewall are the default ones, so for Idle connection is 1 hour.

My question is : the SSH Idle connection between to hosts on different interfaces of ASA will be disconnect after 1 hour or not? Or after 10 min , time of half open connection?

Best regards


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)

Try this example - I've included a network object group so that you can see how to implement using that as well:

access-list EX-CONN remark Custom timeout policy for Users to not timeout to Exchange

access-list EX-CONN extended permit ip object-group ExchangeServers

class-map EX-CONN

description Custom timeout policy for Certain users to Exchange

match access-list EX-CONN

policy-map global_policy

class inspection_default

inspect dns maximum-length 2048


class EX-CONN

set connection timeout tcp 9:00:00


This Discussion