Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
667
Views
0
Helpful
3
Replies

DMZ conections get disconnected often

trackme
Level 1
Level 1

‎10-13-2005 11:33 PM - edited ‎03-09-2019 12:43 PM

Hello,

I have a PIX 515 model . Over that i have setup a DMZ where the clients from the DMZ interface telnet to a server inside the PIX. I have complains from the users that connections gets disconnected even when they keep the systems idle for a 10 minutes or in cases even for a minute. They say that the connections freeze just like that.

When i keep both the client and the server in the same subnet meaning bypassing the PIX i never have this problem. This clearly shows that the issue is with the PIX. I dont know what is the reason since i left the time out values to the standards ,

if the server sends the disconnect signal then the same thing should have happened when i keep the server and client in the same LAN.

I have the same issue with another PIX where the one connection running over port 1523 TCP gets disconnected. the connection is setup from the inside network to the DMZ network over the PIX

I checked with the other company who also use the same server . They also have the issue and they fixed that by changing the timeout value to 8 hours for that port alone.

In PIX i dont think we cant do that.

How to fix these issues.

Labels:
0 Helpful
3 Replies 3

arunsing
Level 1
Level 1

‎10-13-2005 11:51 PM

Yes you are right we will have to increase the timeout. Can you send me the output of show timeout. My email is arunsingh1234@yahoo.com

0 Helpful

trackme
Level 1
Level 1
In response to arunsing

‎10-14-2005 04:00 AM

hello,

thanks, i have already increased the timeout value of the half-closed connections to 4 hours for the 1523 port disconnect issue. I have the standard default time out values for the PIX except for the half-closed conenctions.

The strange thing here is the issue is only related to this port, but not to other applications via the same DMZ interface.

Can we try adding the fixup protocol for port 1523 for sqlnet ??? m just wondering that can help here or not.

Coming to the telnet disconnect issue with other PIX, i dont know why it disconnects even for a minute being idle. Here all the timeout values are set to the defaults.

0 Helpful

trackme
Level 1
Level 1
In response to trackme

‎10-27-2005 10:45 PM

hello,

any updates for me on this regard as i still face the same problem

0 Helpful
Customers Also Viewed These Support Documents