CBAC ACL

From: Wright, Jeremy (wright@admworld.com)
Date: Wed Mar 31 2004 - 22:38:39 GMT-3

• Next message: Scott Morris: "RE: Access list"
• Previous message: William Lijewski: "RE: Access list [bcc][faked-from]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I have CBAC up and running. I see sessions when issuing sh ip inspect sessions. I also see the temporary lines being added to the ACL. My problem is that there are now numerous lines of ACL from sessions that were established before and the entries are not removing and stays open even though the users are not there. I turned my http/tcp/udp timers down but the ACL lines are stuck in there. Is there some timer or config I can adjust to eliminate this? Thanks.

ip inspect name CBAC-FW ftp timeout 3600
ip inspect name CBAC-FW http timeout 5
ip inspect name CBAC-FW smtp timeout 3600
ip inspect name CBAC-FW tcp timeout 5
ip inspect name CBAC-FW cuseeme timeout 3600
ip inspect name CBAC-FW h323 timeout 3600
ip inspect name CBAC-FW rcmd timeout 3600
ip inspect name CBAC-FW realaudio timeout 3600
ip inspect name CBAC-FW sqlnet timeout 3600
ip inspect name CBAC-FW streamworks timeout 3600
ip inspect name CBAC-FW tftp timeout 3600
ip inspect name CBAC-FW vdolive timeout 3600
ip inspect name CBAC-FW udp timeout 5

 
 
 
 
 
 
 *****************************************
              Jeremy Wright
              CCIE# 11168
              Network Engineer
              Archer Daniels Midland
              wright@admworld.com
              (217)451-4063
 
*****************************************

CONFIDENTIALITY NOTICE:
        This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.
        If you have received this communication in error, please notify us immediately by email reply or by telephone and immediately delete this message and any attachments. In the U.S. call us toll free at (800) 637-5843.
        Spanish, French, French (Canada), Portuguese, Polish, German, Dutch, Turkish, Russian, Japanese and Chinese: http://www.admworld.com/confidentiality.htm.

• Next message: Scott Morris: "RE: Access list"
• Previous message: William Lijewski: "RE: Access list [bcc][faked-from]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Apr 01 2004 - 08:15:50 GMT-3