Filter
Top Products
22-6
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 22 Configuring Connection Settings
Configuring Connection Settings
no check-retransmission
no checksum-verification
exceed-mss allow
queue-limit 0 timeout 4
reserved-bits allow
syn-data allow
synack-data drop
invalid-ack drop
seq-past-window drop
tcp-options range 6 7 clear
tcp-options range 9 255 clear
tcp-options selective-ack allow
tcp-options timestamp allow
tcp-options window-scale allow
ttl-evasion-protection
urgent-flag clear
window-variation allow-connection
Configuring Connection Settings
This section includes the following topics:
• Customizing the TCP Normalizer with a TCP Map, page 22-6
• Configuring Connection Settings, page 22-10
Task Flow For Configuring Connection Settings
Step 1 For TCP normalization customization, create a TCP map according to the “Customizing the TCP
Normalizer with a TCP Map” section on page 22-6.
Step 2 For all connection settings, configure a service policy according to Chapter 1, “Configuring a Service
Policy Using the Modular Policy Framework.”
Step 3 Configure connection settings according to the “Configuring Connection Settings” section on
page 22-10.
Customizing the TCP Normalizer with a TCP Map
To customize the TCP normalizer, first define the settings using a TCP map.
Detailed Steps
Step 1 To specify the TCP normalization criteria that you want to look for, create a TCP map by entering the
following command:
ciscoasa(config)# tcp-map tcp-map-name
For each TCP map, you can customize one or more settings.