topic thank you karsten :) in Network Security

ASA Block Current Session

george.tsanava — Tue, 12 Mar 2019 06:59:28 GMT

hello

I have ASA 5525 and i create on it access rule to permit ping from 172.16.10.10 to 172.16.20.10

im pinging 172.16.20.10 from 172.16.10.10 with -t

now i want to deny ping. i modified this access rule to deny ping.

but ping wasnot interrupted automatically.

i stopped it manually on 172.16.10.10 and when i tryed to ping 172.16.20.10 again then it was denyed.

question is how to block current session on asa to deny all unwanted traffic immediately, and no to stop it manually or without shutting down interfaces?

sorry for my english 🙂 i am new to asa.

thank you in advance.

Changing the access-list

Karsten Iwen — Thu, 03 Dec 2015 21:29:10 GMT

Changing the access-list doesn't delete active sessions on the ASA. You can make it work in two different ways:

Do a "clear conn ..." to delete the actual session. The command takes various parameters that you can see with "clear conn ?".
Do a "shun IP-ADDRESS". This command will block all connections from this IP until you manually remove the shun.

thank you karsten :)

george.tsanava — Fri, 04 Dec 2015 08:37:56 GMT

thank you karsten 🙂