Hi Community team,

I need your help with the next case, maybe someone had the same issue

I have a ASA5550 with 3 interface:

- DMZ, INSIDE, OUTSIDE

We have UDP traffic syslog from some host in the INSIDE LAN to the one server in the DMZ LAN.

* When the DMZ link fail the traffic is reroute to the OUTSIDE interface (defaul route)

* The UDP connection between INSIDE and DMZ is cleared when the link to DMZ is down

* In the ASA we see a new conection trough the INSIDE and OUTSIDE (the server is not reacheble at this moment)

* When the DMZ link is restored, the UDP connection remains trough INSIDE and OUTSIDE interface.

* The traffic is not reroute to the DMZ link, this affect only UDP connection that send continuos traffic.

* The TCP connections work fine, and new connection work fine. Only the UDP conection that always are sending continuos traffic are affected

* We apply a "clear conn" to restore the UDP conections

We found several information in blogs about this issue.

* Some blogs comment about the command "timeout floating-conn 0:01:00" to set the timeout timer to 1 minute

** We apply this command in the asa, we see the same issue

* Some blogs comment about use a EEM script to track events and execute an action

** We configure an EEEM to track some logs and execute a "clear conn"

** The EEM script work fine, the script apply a "clear conn" a the conectiones restore

** The only question is about the performance impact in the CPU and Memory

We see this issue in ASA5550 and ASA5520

I want to know if there is other solution for this issue.

I´m really appreciate your help.

Regards.