CSM 3.3.1 : TCP port Timeout for special ports

Unanswered Question
Jan 13th, 2010
User Badges:

Hi,


I would need to create new TCP ports in CSM to be able to increase the timeout (24 hrs or 86400 sec)


Would it work if I create a new inspect? is it the best way of doing this?


I know we cannot use the "timeout con" attribute (because it will modify ALL TCP timeouts)


Best regards,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Panos Kampanakis Wed, 01/13/2010 - 15:07
User Badges:
  • Cisco Employee,

Yes that is what you want to do. You don't want to change the tcp global timeout.


It will be put in a new class map under a policy map.

It is the "set connection" option under the class-map.

It is under setting the Modular Policy Framework options for connections in CSM.


I hope it helps.


PK

martin.payette@... Thu, 01/14/2010 - 06:32
User Badges:

Hi PK,


thank you for your quick answer.


I have played with Inspects (Inspection Rules), I have found out that I am limited to 12 hrs as a MAX timeout.


So if I understand correctly, the only way I can configure a single TCP port with a timeout of 24hrs is to configure a MPF ( Modular Policy Framework)


Am I correct?


thanks again

Panos Kampanakis Thu, 01/14/2010 - 06:41
User Badges:
  • Cisco Employee,

Yes, you are correct.

to change timeouts for specific tcp ports you need MPF.


PK

Actions

This Discussion