https://community.cisco.com/t5/network-security/floating-connections/m-p/3078617#M147110 <P>Hi all,</P> <P></P> <P>We have an ASA 5510 with two ISP lines, one for main use, and the other as a backup. Static routes are used where the main line is SLA tracked. When traffic failsover to the backup line, everything works fine. But when the main line becomes active again, everything apart from a UDP SIP connection goes back to the main line.</P> <P></P> <P>I have seen that this is because the connections are not cleared as floating-conn is set to 00:00:00, and the route is not remapped because the connection doesn't recreate.&nbsp;What is the best practice for setting this timeout? Would 1 minute be suitable?</P> <P></P> <P>Many thanks</P> <P>Aaron</P> Tue, 12 Mar 2019 08:51:35 GMT aaron.catt1 2019-03-12T08:51:35Z https://community.cisco.com/t5/network-security/floating-connections/m-p/3078617#M147110 <P>Hi all,</P> <P></P> <P>We have an ASA 5510 with two ISP lines, one for main use, and the other as a backup. Static routes are used where the main line is SLA tracked. When traffic failsover to the backup line, everything works fine. But when the main line becomes active again, everything apart from a UDP SIP connection goes back to the main line.</P> <P></P> <P>I have seen that this is because the connections are not cleared as floating-conn is set to 00:00:00, and the route is not remapped because the connection doesn't recreate.&nbsp;What is the best practice for setting this timeout? Would 1 minute be suitable?</P> <P></P> <P>Many thanks</P> <P>Aaron</P> Tue, 12 Mar 2019 08:51:35 GMT https://community.cisco.com/t5/network-security/floating-connections/m-p/3078617#M147110 aaron.catt1 2019-03-12T08:51:35Z https://community.cisco.com/t5/network-security/floating-connections/m-p/3078618#M147111 <P>1 minute is suitable for this timer. This is also the value set in this Cisco document that details your exact issue:</P> <P>http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113592-udp-traffic-fails-00.html</P> <P>You can even set a 30 second timer if faster convergence is required.</P> Tue, 31 Jan 2017 13:02:52 GMT https://community.cisco.com/t5/network-security/floating-connections/m-p/3078618#M147111 Rahul Govindan 2017-01-31T13:02:52Z https://community.cisco.com/t5/network-security/floating-connections/m-p/3078619#M147114 <P><SPAN>Many thanks, I did see that but on some other forums apparently 1 minute is too low. At least I don't have to manually enter </SPAN><EM>clear conn</EM><SPAN> now everytime it happens.</SPAN></P> Tue, 31 Jan 2017 14:14:23 GMT https://community.cisco.com/t5/network-security/floating-connections/m-p/3078619#M147114 aaron.catt1 2017-01-31T14:14:23Z