Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?




Hierarchy Level


Enable the device to mark a session for immediate termination when it receives a TCP reset (RST) message. By default, this feature is disabled.


On SRX Series Firewalls with rst-invalidate-session configured the invalidation of the session occurs immediately whereas without rst-invalidate-session configured the session is set to time out 2 seconds after a TCP reset (RST) message has been received.

Required Privilege Level

security—To view this in the configuration.

security-control—To add this to the configuration.

Release Information

Statement introduced in Junos OS Release 8.5.