Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4123
Views
0
Helpful
2
Replies

How to completely disable SHUN?

ja raju
Level 1
Level 1

‎07-14-2013 09:06 PM - edited ‎03-11-2019 07:12 PM

Hi there,

I have an ASA5510 running Software Version 8.4(4)5. I notice that my users complain that they lose connection to a particular server behind the firewall for about an hour and then they're able to connect normally.

I did some checking and i found out that the server gets shunned for about an hour, prevent access to it.

Is there a way to completely disable the shun 'feature' on the ASA?

Thanks in advanced

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎07-14-2013 11:58 PM

Hello Ja,

This is due to treath detection as this is done dinamically,

So you will need to disable scanning and treath detection

U could use the following command to do a filter :

threat-detection scanning-threat shun except ip-address 10.1.1.0 255.255.255

But if u really want to remove it just add a no in front of the treath detection scanning-threath config,

For Networking Posts check my blog at http://laguiadelnetworking.com/


Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

ja raju
Level 1
Level 1
In response to Julio Carvajal

‎07-15-2013 01:30 AM

Hi! Thanks, i'll test it out and respond here.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card