Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need to increase tcp timeout value

Hi Expert,

As we know default tcp timeout value on ASA is 1:00:00 . But I need to configure tcp timeout value between two host as 2:00:00. Rest all connections TCP timeout value should be 1:00:00.

Below is scenarion.

server 172.21.3.5-----inside_interface( ASA Firewall) server_interface-------server 172.21.4.4

Pl's help me with Configuration

Regards,

Suryakant

1 REPLY
New Member

Need to increase tcp timeout value

This can be done multiple ways, I have chosen the global_policy because its already applied to all interfaces. Else you can create a seperate policy-map for inside interface and seperate for outside/dmz interface. The following will work for whichever server (inside or outside) initiates the connection.

  access-list tcptime permit ip host  172.21.3.5 host  172.21.4.4

  access-list tcptime  permit ip  host  172.21.4.4 host  172.21.3.5

class-map TCP

  match  access-list tcptime

policy-map global_policy

  class TCP

  set connection timeout tcp 2:0:0

please rate if the solution is helpful to you.

530
Views
0
Helpful
1
Replies
CreatePlease login to create content