Default timeout "permit tcp any any established"

Unanswered Question
Mar 9th, 2010

Dear All,

First I want to know the default timeout of the following acl command:

permit tcp any any established

Actually, one of our server sessions times out after every 1 min.

Secondly, I have applied the access-list only on the outgoing interface (in direction). When I apply the following access-list above the established acl, I do not get any hit counts:

permit tcp any 1556 host (for the reverse traffic)

But I find hit counts on the established acl. Why?

milan.kulik Thu, 03/11/2010 - 04:18


There's no timeout in the established ACL.

It's just checking the ACK/RST bit in the packet header.


I'm not sure if I understand your second question. The ACL entry syntax is wrong.

What are you trying to achieve?

Detecting a traffic from any host (source port 1556) to your host

permit tcp any eq 1556 host

would be the correct syntax then.

Muhammad Anser Khan Thu, 03/11/2010 - 12:21

Actually, when I give the established command, the other command for the TCP session does not get any hits. I only find hits on the established command, even when I put the specific TCP command above the established command. Why?

milan.kulik Thu, 03/11/2010 - 22:05

Possibly the hosts sending data are not using source port 1556?

Why don't you try

permit tcp any host log

to see some hits?
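The following is an added toy model of what both replies describe; it is not code from the thread or from Cisco. It evaluates an access list first-match-wins with an implicit deny at the end, treats `established` as a stateless check for the ACK or RST flag (so there is nothing to time out), and shows why a line keyed on `eq 1556` as the source port only collects hits when the remote side really answers from port 1556. The addresses 10.0.0.5 and 192.0.2.10 and the sample packets are constructed for the example.

```python
"""Toy first-match ACL evaluator (added example, not the thread's own code).

Models two points from the replies: `established` only checks for the ACK
or RST bit in each segment and keeps no state, and an entry with `eq 1556`
on the source side only counts hits when the server answers from port 1556.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional

ACK, RST, SYN = 0x10, 0x04, 0x02   # TCP flag bits


@dataclass
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: int


@dataclass
class Entry:
    text: str                       # the IOS line this entry stands for
    src_eq: Optional[int] = None    # "any eq N": source port must be N
    dst_host: Optional[str] = None  # "host X": destination must be X
    established: bool = False       # match only if ACK or RST is set
    hits: int = 0

    def matches(self, p: Packet) -> bool:
        if self.src_eq is not None and p.sport != self.src_eq:
            return False
        if self.dst_host is not None and p.dst != self.dst_host:
            return False
        if self.established and not (p.flags & (ACK | RST)):
            return False
        return True


def build_acl(server: str) -> List[Entry]:
    """Specific reverse-traffic line placed above the established line,
    in the order the original poster describes."""
    return [
        Entry(f"permit tcp any eq 1556 host {server}",
              src_eq=1556, dst_host=server),
        Entry("permit tcp any any established", established=True),
    ]


def evaluate(acl: List[Entry], p: Packet) -> str:
    """First match wins; anything unmatched falls to the implicit deny."""
    for e in acl:
        if e.matches(p):
            e.hits += 1
            return "permit"
    return "deny"


def hit_counts(server: str, packets: List[Packet]) -> Dict[str, int]:
    acl = build_acl(server)
    for p in packets:
        evaluate(acl, p)
    return {e.text: e.hits for e in acl}


# Constructed sample addresses: inside host and the remote server it talks to.
INSIDE, REMOTE = "10.0.0.5", "192.0.2.10"


def replies_from_port_1556() -> Dict[str, int]:
    """Server answers from source port 1556: the specific line gets the hits."""
    pkts = [Packet(REMOTE, INSIDE, 1556, 40000, ACK) for _ in range(3)]
    return hit_counts(INSIDE, pkts)


def replies_from_ephemeral_port() -> Dict[str, int]:
    """Server answers from an ephemeral port: only `established` matches."""
    pkts = [Packet(REMOTE, INSIDE, 51000 + i, 40000, ACK) for i in range(3)]
    return hit_counts(INSIDE, pkts)


def inbound_syn_is_denied() -> str:
    """A fresh SYN carries neither ACK nor RST, so `established` does not
    match and the implicit deny applies."""
    return evaluate(build_acl(INSIDE), Packet(REMOTE, INSIDE, 51000, 22, SYN))


if __name__ == "__main__":
    print(replies_from_port_1556())
    print(replies_from_ephemeral_port())
    print(inbound_syn_is_denied())
```

Running the three scenarios reproduces the poster's symptom: when the answering host does not use source port 1556, every reply segment carries ACK and falls through to the `established` line, which is the only entry that shows hits. Adding `log` to a broader line, as suggested above, is the practical way to see which source ports the replies actually carry.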