I have a Unix user that SSH's from the inside network to a Server in the DMZ network. If he leaves it idle the SSH session is killed by the firewall. Is there a way to tell the ASA not to kill SSH sessions through the firewall that are idle?
There are two solutions to this:
1- increase the tcp idle connection on the ASA. The command is "timeout xxxx" or something like that. Check the documentation.
2- enable ssh keep-alive in SSH server itself. In the /etc/ssh/sshd_config configuration of the SSH server, uncomment this line:
then restart the ssh server. With option #2, you do not have to involve the Firewall guy.