ASA timeout settings -- affecting tunnelled traffic?

Answered Question
Sep 7th, 2007
User Badges:

Hello all,


We have one user who routinely connects to our network via VPN over wireless (with the VPN terminating on the DMZ interface of the ASA). Connections to LAN resources work fine, however, if she leaves a telnet session idle for about 2 hours, the session drops -- but she does not lose her VPN session. I was wondering if the connection timeout setting in the ASA would affect this? It is set to 2 hours. I would have thought if that were the case, it would be killing the whole VPN connection. I did check the server thats being connected to, and it does not have any telnet/shell timeouts set.


Thanks for any insight

MJ

Correct Answer by cpembleton about 9 years 9 months ago

The VPN tunnel has it's own timeouts. Once the tunnel is built the ASA still keeps track of all connections just as it would for non-vpn traffic traversing the ASA.


So yes, the timeout for conn will affect the telnet connection and all TCP connections.


Thanks,

Chad


Please rate if this helps!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
cpembleton Sat, 09/08/2007 - 13:48
User Badges:
  • Silver, 250 points or more

The VPN tunnel has it's own timeouts. Once the tunnel is built the ASA still keeps track of all connections just as it would for non-vpn traffic traversing the ASA.


So yes, the timeout for conn will affect the telnet connection and all TCP connections.


Thanks,

Chad


Please rate if this helps!

mauricej74 Sat, 09/08/2007 - 16:15
User Badges:

Thanks Chad! I'll change the timeouts on Monday and will let you know if it fixes it.


M

Actions

This Discussion