06-11-2008 05:12 AM - edited 03-11-2019 05:57 AM
We replaced our PIX515E running 7.0(1) recently with an ASA5510 running 8.0(3). The configurations of both are, for the most part, identical. However, we are running into issues where the new firewall appears to be closing connections that are in use. The connection timeout is set to 24 hours, but we are seeing the firewall close a connection that is as little as 50 minutes old. Does anyone have any advice on how to fix or troubleshoot this?
Thank you.
06-11-2008 06:13 AM
Which protocol = TCP?
What application exactly = FTP, VOIP etc?
Regards
Farrukh
06-11-2008 07:37 AM
Here are some more details:
It is an HTTPS connection to an Apache web server on our DMZ. If I run sho conn, I have some connections almost as old as the timeout setting (24 hours) from the customer that is experiencing the forced connection closure. So some connections from any given source are staying open, and some are being closed by the firewall.
06-11-2008 08:58 AM
Is there any IPS in the transit path? I doubt the firewall would close a similar connection from some flows and let others idle out.
Regards
Farrukh