Cisco Support Community
Community Member

ASA5510 forceable closing connections that are in use

We replaced our PIX515E running 7.0(1) recently with an ASA5510 running 8.0(3). The configurations of both are, for the most part, identical. However, we are running into issues where the new firewall appears to be closing connections that are in use. The connection timeout is set to 24 hours, but we are seeing the firewall close a connection that is as little as 50 minutes old. Does anyone have any advice on how to fix or troubleshoot this?

Thank you.

3 REPLIES

Re: ASA5510 forceable closing connections that are in use

Which protocol = TCP?

What application exactly = FTP, VOIP etc?

Regards

Farrukh

Community Member

Re: ASA5510 forceable closing connections that are in use

Here are some more details:

It is an HTTPS connection to an Apache web server on our DMZ. If I run sho conn, I have some connections almost as old as the timeout setting (24 hours) from the customer that is experiencing the forced connection closure. So some connections from any given source are staying open, and some are being closed by the firewall.

Re: ASA5510 forceable closing connections that are in use

Is there any IPS in the transit path? I doubt the firewall would close a similar connection from some flows and let others idle out.

Regards

Farrukh
