Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
727
Views
0
Helpful
1
Replies

Need to increase tcp timeout value

suryakant.chavan
Level 1
Level 1

‎03-09-2012 03:06 PM - edited ‎03-11-2019 03:40 PM

Hi Expert,

As we know default tcp timeout value on ASA is 1:00:00 . But I need to configure tcp timeout value between two host as 2:00:00. Rest all connections TCP timeout value should be 1:00:00.

Below is scenarion.

server 172.21.3.5-----inside_interface( ASA Firewall) server_interface-------server 172.21.4.4

Pl's help me with Configuration

Regards,

Suryakant

Labels:
0 Helpful
1 Reply 1

Fawadnoorkhan_2
Level 1
Level 1

‎03-10-2012 05:38 AM

This can be done multiple ways, I have chosen the global_policy because its already applied to all interfaces. Else you can create a seperate policy-map for inside interface and seperate for outside/dmz interface. The following will work for whichever server (inside or outside) initiates the connection.

  access-list tcptime permit ip host  172.21.3.5 host  172.21.4.4

  access-list tcptime  permit ip  host  172.21.4.4 host  172.21.3.5

class-map TCP

  match  access-list tcptime

policy-map global_policy

  class TCP

  set connection timeout tcp 2:0:0

please rate if the solution is helpful to you.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card