Hi,

I'm trying to implement a connection parameter on an ACE module that sumply sets the TCP timeout to 0.

I can get this to work fine if I permit all TCP traffic in the class-map, but it doesn't work if I use an ACL;

>>Match all TCP;

parameter-map type connection TCP-Timeout

set timeout inactivity 0

class-map match-all TCP-Timeout-Out-Class

2 match port tcp any

class-map match-all TCP-Timeout-in-Class

2 match port tcp any

policy-map multi-match TCP-Timeout-Out-Policy

class TCP-Timeout-Out-Class

connection advanced-options TCP-Timeout

policy-map multi-match TCP-Timeout-in-Policy

class TCP-Timeout-in-Class

connection advanced-options TCP-Timeout

Interface vlan 920

....

service-policy input TCP-Timeout-in-Policy

Interface vlan 923

....

service-policy input TCP-Timeout-Out-Policy

>>Match ACL;

access-list TCP-Timeout-Group-Out line 10 extended permit ip 10.221.178.0 0.0.0.255 any

access-list TCP-Timeout-Group-in line 10 extended permit ip any 10.221.178.0 0.0.0.255

parameter-map type connection TCP-Timeout

set timeout inactivity 0

class-map match-all TCP-Timeout-Out-Class

match access-list TCP-Timeout-Group-Out

class-map match-all TCP-Timeout-in-Class

match access-list TCP-Timeout-Group-in

policy-map multi-match TCP-Timeout-Out-Policy

class TCP-Timeout-Out-Class

connection advanced-options TCP-Timeout

policy-map multi-match TCP-Timeout-in-Policy

class TCP-Timeout-in-Class

connection advanced-options TCP-Timeout

Interface vlan 320

....

service-policy input TCP-Timeout-in-Policy

Interface vlan 323

....

service-policy input TCP-Timeout-Out-Policy

Any ideas?

Many Thanks