Default timeout "permit tcp any any established"

Dear All,

First, I want to know the default timeout of the following ACL command:

permit tcp any any established

Actually, one of our server sessions times out every 1 min.

Secondly, I have applied the access-list only on the outgoing interface (in direction). When I apply the following access-list above the established ACL, I do not get any hit counts:

permit tcp any 1556 host 10.1.1.10 (for the reverse traffic)

But I find hit counts on the established ACL. Why?

Regards,

Anser

3 Replies

milan.kulik
Level 10

Hi,

there's no timeout in an established ACL.

It's just checking the ACK/RST bit in the packet header.

See http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080100548.shtml#internalnetworks

I'm not sure if I understand your second question. The ACL entry syntax is wrong.

What are you trying to achieve?

Detecting traffic from any host (source port 1556) to your host 10.1.1.10?

permit tcp any eq 1556 host 10.1.1.10

would be the correct syntax then.

HTH,

Milan

Actually, when I give the established command, the other command for the TCP session does not get any hits. I only find hits on the established command, even when I put the specific TCP command above the established command. Why?

Regards,

Anser

Possibly the hosts sending data are not using source port 1556?

Why don't you try

permit tcp any host 10.1.1.10 log

to see some hits?

HTH,

Milan
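The two points Milan makes in this thread, that `established` is a per-packet check on the ACK/RST bits with no timer behind it, and that a correctly written, more specific entry placed above `established` will take the hits when the packets actually carry source port 1556, can be seen in a small model of IOS ACL evaluation. The following is an added example, not code from the thread or from Cisco; it implements first-match-wins evaluation over a subset of the extended ACL grammar (`permit tcp <addr> [eq N] <addr> [eq N] [established] [log]`). The remote address 198.51.100.20, the client ports and the packet flag sets in the scenario are constructed for illustration.

```python
# Added example (not code from the thread): a small model of how an IOS
# extended ACL evaluates TCP traffic. "established" is a header test on
# the ACK/RST bits with no timer involved, and entries are tried top-down
# with the first match winning. Addresses and ports below are constructed.
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: Set[str]  # subset of {"SYN", "ACK", "RST", "FIN", "PSH"}


@dataclass
class Ace:
    text: str
    src: Optional[str]       # None means "any"
    dst: Optional[str]
    sport: Optional[int]     # "eq N" on the source address, None if absent
    dport: Optional[int]
    established: bool
    hits: int = 0

    def matches(self, p: Packet) -> bool:
        if self.src is not None and p.src != self.src:
            return False
        if self.dst is not None and p.dst != self.dst:
            return False
        if self.sport is not None and p.sport != self.sport:
            return False
        if self.dport is not None and p.dport != self.dport:
            return False
        # "established" matches when ACK or RST is set. It is purely a
        # per-packet check; how long the connection has existed is irrelevant.
        if self.established and not (p.flags & {"ACK", "RST"}):
            return False
        return True


def _addr(toks: List[str], i: int) -> Tuple[Optional[str], int]:
    if toks[i] == "any":
        return None, i + 1
    if toks[i] == "host":
        return toks[i + 1], i + 2
    raise ValueError(f"expected 'any' or 'host <ip>', got {toks[i]!r}")


def parse_ace(line: str) -> Ace:
    """Parse one 'permit tcp ...' entry; raises ValueError on bad syntax."""
    toks = line.split()
    if toks[:2] != ["permit", "tcp"]:
        raise ValueError("only 'permit tcp' entries are modelled here")
    src, i = _addr(toks, 2)
    sport = None
    if i < len(toks) and toks[i] == "eq":
        sport, i = int(toks[i + 1]), i + 2
    dst, i = _addr(toks, i)
    dport = None
    if i < len(toks) and toks[i] == "eq":
        dport, i = int(toks[i + 1]), i + 2
    rest = set(toks[i:])
    if not rest <= {"established", "log"}:
        raise ValueError(f"unexpected tokens: {sorted(rest - {'established', 'log'})}")
    return Ace(line, src, dst, sport, dport, "established" in rest)


def evaluate(acl: List[Ace], p: Packet) -> Optional[Ace]:
    """First matching entry wins; None models the implicit deny at the end."""
    for ace in acl:
        if ace.matches(p):
            ace.hits += 1
            return ace
    return None


def hits_after(entries: List[str], packets: List[Packet]) -> List[int]:
    """Run every packet through a fresh ACL and return the hit count per entry."""
    acl = [parse_ace(e) for e in entries]
    for p in packets:
        evaluate(acl, p)
    return [a.hits for a in acl]


# Constructed scenario: 10.1.1.10 is the host behind the interface and
# 198.51.100.20 is a remote server that answers from TCP port 1556.
ACL = [
    "permit tcp any eq 1556 host 10.1.1.10",   # the corrected syntax from the reply
    "permit tcp any any established",
]
REPLIES_FROM_1556 = [
    Packet("198.51.100.20", "10.1.1.10", 1556, 51000, {"ACK", "PSH"}),
    Packet("198.51.100.20", "10.1.1.10", 1556, 51000, {"ACK"}),
]
REPLIES_FROM_OTHER_PORT = [
    Packet("198.51.100.20", "10.1.1.10", 8443, 51001, {"ACK", "PSH"}),
]
NEW_SYN_FROM_OUTSIDE = [
    Packet("198.51.100.20", "10.1.1.10", 8443, 22, {"SYN"}),
]

if __name__ == "__main__":
    print(hits_after(ACL, REPLIES_FROM_1556))        # [2, 0]: specific entry wins
    print(hits_after(ACL, REPLIES_FROM_OTHER_PORT))  # [0, 1]: falls through to established
    print(hits_after(ACL, NEW_SYN_FROM_OUTSIDE))     # [0, 0]: implicit deny
```

The model also shows why the malformed entry `permit tcp any 1556 host 10.1.1.10` gets no hits: `parse_ace` rejects it, just as IOS does, so it never becomes an entry that can match anything. On a real device, `show access-lists` displays the same per-entry counters, and adding `log` to an entry, as suggested above, reports the actual source ports so you can see whether the traffic really uses 1556. Two caveats a practitioner should keep in mind: `established` is stateless, so any packet with ACK or RST set passes it regardless of whether a connection exists, and the specific entry has no `established` keyword, so a SYN arriving with source port 1556 would also be permitted by it.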
