10-03-2006 06:51 AM - edited 02-21-2020 01:12 AM
Hi
when I connect via Telnet/Ssh my PIX-506E (6.3(5)) after an indeterminate time I'm logged-out for connection reset.
Pinging the PIX interface no packet is lost and this is definitly not a network problem.
Does anybody experienced this kind of problem ?
follows the very simple PIX config.
Tks
ric
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet0 vlan46 logical
interface ethernet0 vlan92 logical
interface ethernet1 auto
nameif ethernet0 trunklink security0
nameif ethernet1 inside security100
nameif vlan46 intf2 security4
nameif vlan92 intf3 security6
enable password xxx
passwd xxx
hostname DITpix02
domain-name t-systems.it
clock timezone WAT 1
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
pager lines 24
logging on
logging console debugging
icmp permit any inside
mtu trunklink 1500
mtu inside 1500
ip address trunklink 217.172.66.88 255.255.255.224
ip address inside 192.168.252.132 255.255.255.240
ip address intf2 192.168.252.146 255.255.255.248
no ip address intf3
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.252.0 255.255.255.240 inside
pdm location 192.168.252.0 255.255.255.0 inside
pdm location 192.168.0.0 255.255.0.0 inside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (trunklink) 1 interface
access-group inside-in in interface inside
access-group intf2-in in interface intf2
route trunklink 0.0.0.0 0.0.0.0 217.172.66.94 1
route inside 192.168.0.0 255.255.0.0 192.168.252.131 1
route inside 217.172.28.0 255.255.0.0 192.168.252.131 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
telnet 192.168.252.128 255.255.255.240 inside
telnet 217.172.28.0 255.255.255.0 inside
telnet timeout 30
ssh 217.172.28.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
dhcpd lease 3600
dhcpd ping_timeout 750
terminal width 80
Cryptochecksum:xxx
: end
10-03-2006 07:40 AM
You have configured :
telnet timeout 30 = 30 minutes timeout
ssh timeout 5 = 5 minutes timeout
change this to 0 = to disable timeout on telnet and ssh or set a longer time.
sincerely
Patrick
10-09-2006 02:18 AM
thks patrick
but this is not the problem, since I get the disconnection after 50 sec...
and anyway is not possible anymore disable the timout...
I put it to 60 mins and nothing changed.
Greetings
Ric
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: