07-05-2010 01:16 AM - edited 03-11-2019 11:07 AM
Hi,
I would like to check if there is a way to increase the timeout/keepalive of ports ? This was recommended
by a vendor but can we do this on the FWSM box ?
Example : To increase the timeout value for port 600-605 to above its default value whatever the default value is ?
Any suggestions/feedack is appreciated.
Cheers,
-SN-
Solved! Go to Solution.
07-05-2010 02:02 AM
Yes, you definitely can by using the "set connection timeout" command with MPF.
Example:
access-list tcp-600-605-acl permit tcp any any range 600 605
class-map tcp-600-605-class
match access-list tcp-600-605-acl
policy-map tcp-600-605-policy
class tcp-600-605-class
set connection timeout tcp
Here is the URL of the command for your reference:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/command/reference/s1.html#wp2699979
Hope that helps.
07-05-2010 02:02 AM
Yes, you definitely can by using the "set connection timeout" command with MPF.
Example:
access-list tcp-600-605-acl permit tcp any any range 600 605
class-map tcp-600-605-class
match access-list tcp-600-605-acl
policy-map tcp-600-605-policy
class tcp-600-605-class
set connection timeout tcp
Here is the URL of the command for your reference:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/command/reference/s1.html#wp2699979
Hope that helps.
07-05-2010 05:15 PM
Hi halijenn,
This is what I was looking for .
It looks like I need to learn to navigate the Cisco pages better .
Thank you,
Cheers,
-SN-
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: