cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
524
Views
0
Helpful
1
Replies

CSM : closing of session (idle timeout > RST)

pkovilic
Level 1
Level 1

Hi,

When a connection is terminated due to the idle timeout expiration, the CSM send back a reset (RST) to the client. Is there a way to modify this behaviour (> CSM sends nothing !) ?

Pascal

1 Accepted Solution

Accepted Solutions

Gilles Dufour
Cisco Employee
Cisco Employee

you could use an idle timeout of 0 [latest version only] to disable this functionality.

But, the reason we use an idle timeout is to protect resources from misbehavior.

If an attacker decides to send you millions of SYN, without an idle timeout the CSM will not free the resources until the attacker sends a FIN or RESET.

Gilles.

View solution in original post

1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

you could use an idle timeout of 0 [latest version only] to disable this functionality.

But, the reason we use an idle timeout is to protect resources from misbehavior.

If an attacker decides to send you millions of SYN, without an idle timeout the CSM will not free the resources until the attacker sends a FIN or RESET.

Gilles.

Review Cisco Networking for a $25 gift card