Session Timeout HTTP

Unanswered Question
Mar 2nd, 2009

I use to have a NetGear FVS338

I installed ASA 5505 two weeks ago.

This new firewall must have some timeout settings that the old NetGear didn't have.

I use Microsoft Reporting Services on my webserver that is behind this firewall.

I have a report that takes several minutes to run and now it timesout.

I have UDP 1026, TCP HTTP and HTTPS open.

I set the UDP timeout to 10 minutes in ASDM and this did not solve the issue.

It seems to timeout right at 2 minutes, so there must be a 2 minute default timeout set somewhere that I can't find.

Please help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
daniel8751 Mon, 03/02/2009 - 13:54

Thanks for the response...I set all these to 10 minutes and it still timesout at 2 minutes. Do you have to Reboot the firewall for this to take affect? If so I have to do it after hours.

Ivan Martinon Mon, 03/02/2009 - 14:05

Nope, no reboot is required at all, I would advise you to go ahead and set the logs on the ASA, they will tell you what timed out and why? logging monitor 5 with messages to monitor should show you something.

daniel8751 Mon, 03/02/2009 - 15:03

I set the logging to debug mode.

There are no errors or anything, but the report is still timedout.

One thing I did notice is that the TCP build and teardown happens every minute during the connection.

You get one line saying Built Inbound TCP connection and the next line is teardown TCP connection.

Is it possible to extend the time between teardowns on the TCP connection?

Ivan Martinon Mon, 03/02/2009 - 15:08

What is the reason of the tear down? depending on this is whethere you will be able to control it or not

Ivan Martinon Mon, 03/02/2009 - 15:31

The message that you see here for the port 443 is a normal termination of a TCP connection, the Server receives a Fin Flag, hence the firewall drops this TCP flow since there is no need to keep it up.

daniel8751 Mon, 03/02/2009 - 16:58

Ok - well just coincidence that I put a new firewall in. Turns out my data is getting very large and found this article to fix the issue:

http://support.microsoft.com/kb/825739

Increasing the timeout from this articel solved the problem.

Time to work on some database indexing.

Thanks for your help!!

Actions

This Discussion