About aimken123

aimken123 · 01-21-2013

Hi,I recently had a firewall that wasn't passing traffic (ASA 5510 running software version 9.1).It turned out it had 130000 active connections. Doing a "clear conn port 53" dropped the active connection count back to 38k, and the firewall started p...

aimken123 · 01-23-2013

David, None of my policy maps set connection limits or timeouts (they're all for inspection).On another note, I've since cleared all the connections, and none of the new ones seem to be exceeding the timeout values. Seems like I can't replicate my o...

aimken123 · 01-21-2013

DNS inspection has been removed.The DNS connections still aren't timing out though.

aimken123 · 01-21-2013

Thanks for that.Luckily, this particular firewall is only in a sandpit environment.I've been doing a bit more looking though, and it seems the remaining 38k connections are mostly a mix of udp 161 (SNMP) and udp 389 (AD LDAP).Inspection for SNMP was ...

Member Since	‎01-21-2013 04:09 PM
Date Last Visited	‎02-27-2020 06:55 PM
Posts	4

User Statistics

User Activity

ASA 9.1 conn timeout for DNS?

ASA 9.1 conn timeout for DNS?

ASA 9.1 conn timeout for DNS?

ASA 9.1 conn timeout for DNS?