Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
410
Views
0
Helpful
1
Replies

Connection time out questions.

tin.ngo
Level 1
Level 1

‎05-01-2007 02:57 PM - edited ‎03-11-2019 03:07 AM

I have a pix 515e running 7.1(2)7.

I had been getting connection time out after 5 hours but don't know where the 5 hours come from as the default setting is 3 hours and had not been changed.

** Default timeout on Pix firewall.

PIX# sh run timeout

timeout xlate 3:00:00

timeout conn 3:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

** Firewall log showed connection tear down after 5 hours.

2007-04-30 09:29:39 Local4.Info PIX %PIX-6-302013: Built outbound TCP connection 10249505 for DMZ1:10.186.121.35/50000 (10.186.121.35/50000) to inside:10.186.3.59/2713 (10.186.3.59/2713)

2007-04-30 14:33:49 Local4.Info PIX %PIX-6-302014: Teardown TCP connection 10249505 for DMZ1:10.186.121.35/50000 to inside:10.186.3.59/2713 duration 5:04:19 bytes 796 Connection timeout

Labels:
0 Helpful
1 Reply 1

Patrick Iseli
Level 7
Level 7

‎05-01-2007 03:43 PM

The idle timeout mean that there is no activity at all for 3 hrs.

But connection can be open for more that 3 hours if there is still activity.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727ae.html#wp1026093

sincerely

Patrick

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card