Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
544
Views
0
Helpful
1
Replies

ASA migration to Cisco FTD

Asim Afzal
Level 1
Level 1

‎07-10-2017 05:51 AM - edited ‎03-12-2019 02:40 AM

access-list SERVER-TIMEOUT remark TCP Idle Timeout value for Core Services - 10 Hours

access-list SERVER-TIMEOUT extended permit tcp 10.240.178.0 255.255.255.0 any

class-map TCP-IdleTimeout-STO-in

 description TCP Idle Timeout value for Core Services - 10 Hours

 match access-list SERVER-TIMEOUT

policy-map STO-policy

 description TCP Idle Timeout value for Core Services - 10 Hours

 class TCP-IdleTimeout-STO-in

  set connection timeout idle 10:00:00

service-policy STO-policy interface SERVER

I need to migrate the following to Cisco FTD. But as per the document in FLex config timeout commands are blacklisted. Needs to know how i will migrate to FTD.

http://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/flexconfig_policies.html

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-10-2017 08:54 AM

FTD does not yet have feature parity with the ASA. This is an example of that.

If you absolutely need to set the timeout then you will need to wait for a future FTD release to add support.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card