Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
657
Views
0
Helpful
2
Replies

stateful connections ???

shahidrox
Level 1
Level 1

‎11-30-2006 10:36 AM - edited ‎03-11-2019 02:02 AM

hi guys, i got some prob in ASA plz help me out,,

pc1-----------ASA----------pc2

outside inside

now see nat is disabled and i have given an accesslist to allow pc1

to ping pc2. till here it is working fine. now suppose i have issued a

continuous ping from pc1 to pc 2 it goes well but meantime from CLI i removed the access list ! but the ping is still going !!!! if i stop it n

then issue ping again it is not going as expected, but my question is

why didnt it stopped when i removed the accesslist ???

heres my own guess, because the connection was formed already in ASA

stateful table so it was allowing it to go, so is it possible that if i

changed or modify an access list it takes the action immediately ? is

there any command for that ??? becoz i m having a lot of problem in testing

time

based acls they r simply not at all working with ASA, i m using 7.0 ios

so

any help plz ???

Labels:
0 Helpful
2 Replies 2

drolemc
Level 6
Level 6

‎12-06-2006 08:59 AM

If you remove the access-list and save it the action will be taken immediately

0 Helpful

jgervia_2
Level 1
Level 1

‎12-06-2006 06:23 PM

You are correct.

Access list changes only apply to new connections initiated through the firewall. Existing connections (prior to your changes) keep going through the firewall unless you clear them.

You can do a 'show conn' to see what the connections are through your firewall.

--Jason

Please rate this message if it solved some/all of your question/issue.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card