Solved: ASA5505 stale routes timeout value

dgoad · ‎06-29-2017

I am using ASDM to configure an ASA5505. When I select anything in the global timeouts section under advanced on the firewall section, I get the message "error - stale routes timeout value cannot be less than 00:00:10. To set stale routes to default value, disable the stale routes checkbox". I am unable to figure out what this is referring to, or how to disable the stale routes checkbox. If anyone could let me know how to get past this, I would appreciate that.

ASA version info:

Cisco Adaptive Security Appliance Software Version 9.2(4)
Device Manager Version 7.8(1)150

Marvin Rhoads · ‎07-01-2017

It appears to be a bug in the current ASDM releases. I see it as well on my ASA 5515-X with ASA 9.6(3.1) and ASDM 7.8(1). I know this used to work in earlier versions of ASDM. It's a seldom-used feature and I rarely ever exercise it.

As a workaround, you can configure the timeouts via the cli.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/firewall/asa-firewall-cli/conns-connlimits.html

View solution in original post

Marvin Rhoads · ‎07-01-2017

It appears to be a bug in the current ASDM releases. I see it as well on my ASA 5515-X with ASA 9.6(3.1) and ASDM 7.8(1). I know this used to work in earlier versions of ASDM. It's a seldom-used feature and I rarely ever exercise it.

As a workaround, you can configure the timeouts via the cli.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/firewall/asa-firewall-cli/conns-connlimits.html

dgoad · ‎07-02-2017

thank you. very helpful.