Monitoring connection settings, Monitoring tcp state bypass, Configuration examples for connection settings – Cisco ASA 5505 User Manual
Page 1142
53-14
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 53 Configuring Connection Settings
Monitoring Connection Settings
Monitoring Connection Settings
This section includes the following topics:
•
Monitoring TCP State Bypass, page 53-14
Monitoring TCP State Bypass
To monitor TCP state bypass, perform one of the following tasks:
Configuration Examples for Connection Settings
This section includes the following topics:
•
Configuration Examples for Connection Limits and Timeouts, page 53-15
•
Configuration Examples for TCP State Bypass, page 53-15
•
Configuration Examples for TCP Normalization, page 53-15
set connection advanced-options
tcp-map-name
Example:
hostname(config-pmap-c)# set connection
advanced-options tcp_map1
Customizes the TCP normalizer. See the
Normalizer with a TCP Map” section on page 53-6
to create a
TCP map.
set connection advanced-options
tcp-state-bypass
Example:
hostname(config-pmap-c)# set connection
advanced-options tcp-state-bypass
Enables TCP state bypass.
Step 6
service-policy
policymap_name {global |
interface
interface_name}
Example:
hostname(config)# service-policy
tcp_bypass_policy outside
Activates the policy map on one or more interfaces. global applies
the policy map to all interfaces, and interface applies the policy
to one interface. Only one global policy is allowed. You can
override the global policy on an interface by applying a service
policy to that interface. You can only apply one policy map to
each interface.
Command
Purpose
Command
Purpose
show conn
If you use the show conn command, the display for connections that use
TCP state bypass includes the flag “b.”