
Long-lived TCP session through ASA behavior

john-lam
Level 1

An interesting issue came up for me. I have an ACL that allowed host A to host B on port 636. The firewall has a TCP session timeout of 2 hours. Host A established a session with B, did some transfer and went idle. It then tried to send data again after 3 hours without going through the TCP handshake (reusing the same source port). Will the firewall allow it through even though it passed the session timeout? Does the firewall just match the source IP, dest IP and dest port without looking to see if it sees a handshake?

 

Thanks in advance.   

 


Accepted Solutions

No, after the idle timeout the session is deleted from the FW and both hosts need a new handshake.
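The behaviour described in the accepted answer, as an added example that is not part of the original thread and is not ASA code: a small Python model of a stateful connection table with the 2-hour idle timeout from the question. The addresses, the source port 50000 and the class and function names are constructed for illustration, and only client-to-server segments are modelled.

```python
from dataclasses import dataclass, field

IDLE_TIMEOUT = 2 * 3600  # seconds; the 2-hour TCP session timeout from the question

# Constructed addresses standing in for host A and host B.
HOST_A, HOST_B = "10.0.0.10", "10.0.1.20"
ACL = {(HOST_A, HOST_B, 636)}  # permit tcp host A -> host B port 636


@dataclass
class StatefulFirewall:
    idle_timeout: int = IDLE_TIMEOUT
    conns: dict = field(default_factory=dict)  # (src, sport, dst, dport) -> last-seen time

    def _expire(self, now):
        """Delete entries that have been idle for the timeout or longer."""
        for key, last_seen in list(self.conns.items()):
            if now - last_seen >= self.idle_timeout:
                del self.conns[key]

    def process(self, now, src, sport, dst, dport, flags):
        """Return (verdict, reason) for one TCP segment sent by the client."""
        self._expire(now)
        key = (src, sport, dst, dport)
        if key in self.conns:
            self.conns[key] = now  # traffic refreshes the idle timer
            return "permit", "matches existing connection"
        # No state left: only a bare SYN is evaluated against the ACL.
        if flags != {"SYN"}:
            return "deny", "no connection and segment is not a SYN"
        if (src, dst, dport) not in ACL:
            return "deny", "SYN not permitted by ACL"
        self.conns[key] = now
        return "permit", "SYN permitted by ACL, connection created"


def replay_scenario():
    """Replay the timeline from the question; times are seconds since the first SYN."""
    fw = StatefulFirewall()
    a = (HOST_A, 50000, HOST_B, 636)  # 50000 is a constructed source port
    return [
        fw.process(0, *a, {"SYN"}),                      # handshake starts
        fw.process(60, *a, {"ACK", "PSH"}),              # transfer, then idle
        fw.process(60 + 3 * 3600, *a, {"ACK", "PSH"}),   # data after 3 idle hours
        fw.process(61 + 3 * 3600, *a, {"SYN"}),          # new handshake, same port
    ]
```

In this model the third segment is denied even though its addresses and ports match the ACL, because the ACL is consulted only for a SYN that creates a new connection entry.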
