Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1103
Views
0
Helpful
1
Replies

timeout for sqlnet connections only?

slug420
Level 1
Level 1

‎10-14-2009 10:49 AM - edited ‎03-11-2019 09:26 AM

Is there a way to have one connection (idle) timeout set for a specific service (in this case sqlnet) that is not applied to all connections globally? Our developers are having problems with connections they feel need to remain open indefinitely...I know "timeout conn 0" will disable the idle timeout but I am a little weary of the impact this will have on system resources on the firewall as a whole when NO connections are timing out....

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎10-14-2009 10:57 AM

Chris

Apologies for not realising ASA v8.x now has an ability to make an ACE inactive, good to know.

This one however i do know as i have faced the exact same problems with SQL. Prior to v7.x you could only set the timeout globally but now you can do it with the MPF (Modular Policy Framework) so you can use a class map to match specific traffic ie SQL in your case and then use a policy to set a connection timeout for that type of traffic. See the examples section in this link -

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/p.html#wp1879322

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card