PIX - Connection timeout configuration

Unanswered Question
Jul 10th, 2008
User Badges:


I've just started dealing with PIX.

We have a couple of vpn's (cisco837) connecting to a pix firewall. Some users reported connections dropping after a certain time of in-activity and they want to know how this is configured on the firewall.

I've checked config and found:

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

vpngroup easy_vpn_remote idle-time 1800

So my question is which one controls the timeout?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
AQPadministrator Thu, 07/10/2008 - 16:38
User Badges:

Its been a little while sinced I have used a PIX but pretty sure it is:

vpngroup easy_vpn_remote idle-time 1800

The 1800 represents seconds, which is 30 minutes.

Hope that helps

muca Thu, 07/10/2008 - 16:56
User Badges:

Thanks Ryan,

So what timeout conn controls? I mean, from what I read it says all "tcp" connections.


This Discussion