02-03-2006 04:48 PM - edited 03-09-2019 01:50 PM
Is there any way to adjust the TCP timeout for a specific address and leave everything else at its default? I have a device that communicates in a way that its TCP session will drop after a while, and I need it to stay open. I don't want this to be the case for all other traffic, however. Can this be done?
02-05-2006 01:26 PM
Hello,
which device are you talking about?
Regards, Martin
02-06-2006 02:22 AM
Hi,
I am assuming yo want to do it on PIX as this post is under firewall section.
This can be done however only in Ver 7.X of Pix through QOS.
There is a three step procedure.
1)Classify the traffic for which you want to set the timeout value with the "class-map" command.
2)Define the "policy-map" and add the defined class and then set the timeout value.
3)apply this policy by "service-policy"
example
I want to set the timeout value for 10.1.1.1
(config)# access-list servertimeout permit tcp any host 10.1.1.1
(config)# class-map timeout-server
(config-cmap)# match access-list servertimeout
(config-cmap)# exit
(config)# policy-map serverpolicy
(config-pmap)# class servertimeout
(config-pmap-c)# set connection timeout [Dont remember the exact command]
(config)#service-policy serverpolicy global or interface
Regards,
Tanveer
02-07-2006 06:01 PM
Yes, it was for a PIX, sorry I forgot to add that. It is running 7.01 so it looks like I can do it. Thats awesome! Thanks for the help!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide