timeout for sqlnet connections only?

Unanswered Question
Oct 14th, 2009

Is there a way to have one connection (idle) timeout set for a specific service (in this case sqlnet) that is not applied to all connections globally? Our developers are having problems with connections they feel need to remain open indefinitely...I know "timeout conn 0" will disable the idle timeout but I am a little weary of the impact this will have on system resources on the firewall as a whole when NO connections are timing out....

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 10/14/2009 - 10:57

Chris

Apologies for not realising ASA v8.x now has an ability to make an ACE inactive, good to know.

This one however i do know as i have faced the exact same problems with SQL. Prior to v7.x you could only set the timeout globally but now you can do it with the MPF (Modular Policy Framework) so you can use a class map to match specific traffic ie SQL in your case and then use a policy to set a connection timeout for that type of traffic. See the examples section in this link -

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/p.html#wp1879322

Jon

Actions

This Discussion