I have a PIX 515 model . Over that i have setup a DMZ where the clients from the DMZ interface telnet to a server inside the PIX. I have complains from the users that connections gets disconnected even when they keep the systems idle for a 10 minutes or in cases even for a minute. They say that the connections freeze just like that.
When i keep both the client and the server in the same subnet meaning bypassing the PIX i never have this problem. This clearly shows that the issue is with the PIX. I dont know what is the reason since i left the time out values to the standards ,
if the server sends the disconnect signal then the same thing should have happened when i keep the server and client in the same LAN.
I have the same issue with another PIX where the one connection running over port 1523 TCP gets disconnected. the connection is setup from the inside network to the DMZ network over the PIX
I checked with the other company who also use the same server . They also have the issue and they fixed that by changing the timeout value to 8 hours for that port alone.
thanks, i have already increased the timeout value of the half-closed connections to 4 hours for the 1523 port disconnect issue. I have the standard default time out values for the PIX except for the half-closed conenctions.
The strange thing here is the issue is only related to this port, but not to other applications via the same DMZ interface.
Can we try adding the fixup protocol for port 1523 for sqlnet ??? m just wondering that can help here or not.
Coming to the telnet disconnect issue with other PIX, i dont know why it disconnects even for a minute being idle. Here all the timeout values are set to the defaults.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...