Cisco Cisco Packet Data Gateway (PDG)
firewall tcp-idle-timeout-action
This command configures action on TCP idle timeout expiry.
In release 9.0 and later this command is also available to NAT.
Important
Product
PSF
NAT
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration > Firewall-and-NAT Policy Configuration
active-charging service service_name > fw-and-nat policy policy_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-fw-and-nat-policy)#
Syntax Description
firewall tcp-idle-timeout-action { drop | reset }
{ default | no } firewall tcp-idle-timeout-action
{ default | no } firewall tcp-idle-timeout-action
default
Configures the default setting.
Default: reset
no
Configures the TCP idle timeout expiry action to reset.
drop
Drops the session on TCP idle timeout expiry.
reset
Resends TCP RST on TCP idle timeout expiry. When configured to reset, the session is dropped, and the
system can avoid packets arriving for the idle flow from getting dropped.
system can avoid packets arriving for the idle flow from getting dropped.
Usage Guidelines
Use this command to configure action to take on TCP idle timeout expiry.
Command Line Interface Reference, Modes E - F, StarOS Release 19
1706
Firewall-and-NAT Policy Configuration Mode Commands
firewall tcp-idle-timeout-action