CSM 3.3.1 : TCP port Timeout for special ports

Unanswered Question
Jan 13th, 2010

Hi,

I would need to create new TCP ports in CSM to be able to increase the timeout (24 hrs or 86400 sec)

Would it work if I create a new inspect? is it the best way of doing this?

I know we cannot use the "timeout con" attribute (because it will modify ALL TCP timeouts)

Best regards,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Panos Kampanakis Wed, 01/13/2010 - 15:07

Yes that is what you want to do. You don't want to change the tcp global timeout.

It will be put in a new class map under a policy map.

It is the "set connection" option under the class-map.

It is under setting the Modular Policy Framework options for connections in CSM.

I hope it helps.

PK

martin.payette@... Thu, 01/14/2010 - 06:32

Hi PK,

thank you for your quick answer.

I have played with Inspects (Inspection Rules), I have found out that I am limited to 12 hrs as a MAX timeout.

So if I understand correctly, the only way I can configure a single TCP port with a timeout of 24hrs is to configure a MPF ( Modular Policy Framework)

Am I correct?

thanks again

Actions

This Discussion