What is the default idle TCP session time out in FWSM

Answered Question
Feb 13th, 2010
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Hi All,


I would like to know what is the default TCP idle session time out in FWSM and if i want to increase this timer what can be impact and security reasons and how can i do also ? and is there any setting in firewall to increase a idle timeout setting for specific port.


Ganesh.H

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Sat, 02/13/2010 - 03:55
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

ganeshh.iyer wrote:


Hi All,


I would like to know what is the default TCP idle session time out in FWSM and if i want to increase this timer what can be impact and security reasons and how can i do also ? and is there any setting in firewall to increase a idle timeout setting for specific port.


Ganesh.H


Ganesh


It should be one hour. You can view the current timeout settings with "sh timeout" or "sh running-config timeout".


Prior to 3.x code the timeout setting was global so if you changed the TCP timeout it affected all tcp connections. However with v3.x code you can now use Modular Policy Framework to set timeouts for specific ports/IP addresses -


FWSM MPF


Jon

Ganesh Hariharan Sun, 02/14/2010 - 22:03
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Ganesh


It should be one hour. You can view the current timeout settings with "sh timeout" or "sh running-config timeout".


Prior to 3.x code the timeout setting was global so if you changed the TCP timeout it affected all tcp connections. However with v3.x code you can now use Modular Policy Framework to set timeouts for specific ports/IP addresses -


FWSM MPF


Jon


Jon


Yes my query is cleared just can you provide some other document also for port based increasing the idle time out session in firewall.


Ganesh.H

Jon Marshall Sun, 02/14/2010 - 09:44
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Ganesh


Has this solved your query ?


Jon

Actions

This Discussion