09-12-2012 07:07 AM - edited 03-11-2019 04:53 PM
Hello Guys,
I have a problem here.
We deployed Citrix, and I need to set no timeout for specific traffic.
So I created this configuration:
show access-list TimeOutCitrix
access-list TimeOutCitrix; 7 elements
access-list TimeOutCitrix line 1 extended permit ip any host 172.17.2.129 log informational interval 300 (hitcnt=0) 0x238cd297
access-list TimeOutCitrix line 2 extended permit ip any host 172.17.2.130 log informational interval 300 (hitcnt=0) 0x80b4c299
access-list TimeOutCitrix line 3 extended permit ip any host 172.17.2.218 log informational interval 300 (hitcnt=0) 0x726d7587
access-list TimeOutCitrix line 4 extended permit ip any host 172.17.2.224 log informational interval 300 (hitcnt=0) 0x6d9499e1
access-list TimeOutCitrix line 5 extended permit ip any host 172.17.2.226 log informational interval 300 (hitcnt=0) 0x95465853
access-list TimeOutCitrix line 6 extended permit ip any host 172.17.2.227 log informational interval 300 (hitcnt=0) 0x76a9ab24
access-list TimeOutCitrix line 7 extended permit ip any host 172.17.2.232 log informational interval 300 (hitcnt=0) 0x3e7867ad
class-map TimeOutCitrix
 match access-list TimeOutCitrix
policy-map global_policy
 class TimeOutCitrix
  set connection timeout tcp 0:00:00
service-policy global_policy global
But the session still keeps the 1 hour timeout.
I have this timeout configuration in my firewall (outside of the class map):
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
TCP rede_filiais:10.82.16.15/3356 rede_servidores:172.17.2.130/2598,
flags UIOB, idle 1s, uptime 54m21s, timeout 1h0m, bytes 154204
The question is, why does this occur? What do I need to do to change the timeout for this traffic? Why is the hitcnt in the ACL 0?
Thanks!
09-12-2012 07:35 AM
Hi Rafael,
Once you implement the policy, you need to do a "clear conn" and "clear xlate", so that the new connections would fall under your policy map.
Thanks,
Varun Rao
Security Team,
Cisco TAC
09-12-2012 07:45 AM
Hi Varun,
Thanks!
I have one more question.
My ACL hit count is 0. Is that correct?
If I create a service policy and apply it on the interface (not globally), the hit count begins to appear. Why?
Thanks again!
09-12-2012 08:15 AM
Hi Rafael,
You would see the hit counts in the ACL; what you can verify is the output of "show service-policy", which would tell you whether the packets are falling under the policy or not.
Although applying it on the interface would take more preference than the global policy, so if it does not work for the global one, you can try changing it to the interface.
Thanks,
Varun Rao
Security Team,
Cisco TAC
09-12-2012 12:22 PM
OK Varun.
Now I see the "no timeout" in the output of the command "show conn detail":
TCP rede_filiais:10.82.16.15/3826 rede_servidores:172.17.2.130/2598,
flags UIOB, idle 1s, uptime 32m16s, timeout -, bytes 154944
Thank you.
Rafael
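As an added example (not from the thread, and not Cisco's code), here is a small Python audit script that parses "show conn detail" entries in the format Rafael pasted and flags any connection whose idle timeout has been disabled ("timeout -") toward a host that is not one of the Citrix servers permitted by the TimeOutCitrix ACL. Setting "set connection timeout tcp 0:00:00" exempts matching flows from the firewall's idle cleanup, so after a change like this it is worth checking that the exemption only reaches the intended servers. The sample text is constructed: it contains the two entries from the thread plus one invented flow to 172.17.2.50/445, and the host list is copied from the ACL above; the assumption that the right-hand endpoint is the server side follows the thread's output.

```python
import re
from ipaddress import ip_address

# Citrix servers permitted by the TimeOutCitrix ACL in the thread; only flows
# to these hosts are expected to show "timeout -" after the policy is applied.
CITRIX_HOSTS = {ip_address(h) for h in (
    "172.17.2.129", "172.17.2.130", "172.17.2.218", "172.17.2.224",
    "172.17.2.226", "172.17.2.227", "172.17.2.232",
)}

# Constructed sample: the two entries pasted in the thread plus one invented
# flow (172.17.2.50/445) that has lost its timeout but is not a Citrix host.
SAMPLE_SHOW_CONN = """\
TCP rede_filiais:10.82.16.15/3356 rede_servidores:172.17.2.130/2598,
flags UIOB, idle 1s, uptime 54m21s, timeout 1h0m, bytes 154204
TCP rede_filiais:10.82.16.15/3826 rede_servidores:172.17.2.130/2598,
flags UIOB, idle 1s, uptime 32m16s, timeout -, bytes 154944
TCP rede_filiais:10.82.16.40/51022 rede_servidores:172.17.2.50/445,
flags UIOB, idle 3s, uptime 2h5m, timeout -, bytes 9912
"""

# One "show conn detail" entry after its two lines have been joined. The left
# endpoint is treated as the client side and the right endpoint as the server
# side, as in the thread's output (an assumption about this particular layout).
CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+"
    r"(?P<src_if>[\w-]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+)\s+"
    r"(?P<dst_if>[\w-]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+),\s*"
    r"flags\s+(?P<flags>\S+),\s*idle\s+(?P<idle>\S+),\s*"
    r"uptime\s+(?P<uptime>\S+),\s*timeout\s+(?P<timeout>\S+),\s*"
    r"bytes\s+(?P<bytes>\d+)"
)

DURATION_RE = re.compile(r"(\d+)([dhms])")
UNIT_SECONDS = {"d": 86400, "h": 3600, "m": 60, "s": 1}


def to_seconds(duration):
    """Convert an ASA duration such as '54m21s' or '1h0m' to seconds."""
    return sum(int(n) * UNIT_SECONDS[u] for n, u in DURATION_RE.findall(duration))


def parse_show_conn(text):
    """Parse 'show conn detail' output into a list of dicts, one per connection.

    Each entry spans two lines (the endpoint line ends with a comma and the
    flags/timers line follows), so lines are joined until the next TCP/UDP line.
    A timeout of '-' (no timeout) is returned as None.
    """
    entries, current = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if re.match(r"(TCP|UDP)\s", line):
            if current:
                entries.append(" ".join(current))
            current = [line]
        elif current:
            current.append(line)
    if current:
        entries.append(" ".join(current))

    conns = []
    for entry in entries:
        m = CONN_RE.match(entry)
        if not m:
            continue  # other entry layouts (e.g. UDP without flags) are skipped
        c = m.groupdict()
        c["timeout"] = None if c["timeout"] == "-" else c["timeout"]
        c["uptime_s"] = to_seconds(c["uptime"])
        c["bytes"] = int(c["bytes"])
        conns.append(c)
    return conns


def audit_no_timeout(conns, allowed_servers):
    """Return connections with the idle timeout disabled whose server side is
    not one of the hosts the policy was meant to exempt."""
    return [
        c for c in conns
        if c["timeout"] is None and ip_address(c["dst_ip"]) not in allowed_servers
    ]


if __name__ == "__main__":
    conns = parse_show_conn(SAMPLE_SHOW_CONN)
    for c in conns:
        print(f'{c["src_ip"]}/{c["src_port"]} -> {c["dst_ip"]}/{c["dst_port"]} '
              f'timeout={c["timeout"] or "none"} uptime={c["uptime_s"]}s')
    for c in audit_no_timeout(conns, CITRIX_HOSTS):
        print(f'WARNING: no timeout on non-Citrix flow to {c["dst_ip"]}/{c["dst_port"]}')
```

Feed it the saved output of "show conn detail" from the ASA in place of the constructed sample; any flow reported with a warning is one the class-map matched (or that some other policy exempted) even though it is not headed for a Citrix server, which is exactly the kind of over-broad match you want to catch alongside the "show service-policy" counters Varun mentions.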