Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5520 conn do not expired

Greeting

Could anyone advice me why asa5520 keep dns udp connection and never expaired.

my other connection seems ok, only udp:53 can not expire.

my timeout configure is:

sh run timeout

timeout xlate 1193:00:00

timeout conn 0:00:00 half-closed 0:00:00 udp 24:00:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

if it is related to xlate, how can I make udp expire,

Any comments will be appreciated

Thanks in advance

1 REPLY
Silver

Re: ASA5520 conn do not expired

You may try changing the timeout value for UDP connection.

The URL below explains with an example to set the connection limits and timeouts for all traffic:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_connlimits.html#wp1088544

144
Views
0
Helpful
1
Replies