Session Timeout Question

patrick.roche · ‎08-23-2006

Firewall Question

Is there a timeout parameter that will close a session after a certain time interval even if data is passing out of this session?

Is there a way of making sure a SQL session can be made to stay open indefiantlly?

Regards,

Pat

mpalardy · ‎08-23-2006

Use 0:0:0 for the time value to never time out a connection.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/tz.htm#wp1026093

patrick.roche · ‎08-23-2006

Thanks for this.

What about this question:

Is there a timeout parameter that will close a session after a certain time interval even if data is passing out of this session?

andrew.burns · ‎08-23-2006

Hi,

I'd be wary of setting it globally to zero as this may cause resource issues.

You don't say what version of software you're running - but as of version 7.0 you could apply a service policy to ensure that only your sql session gets a timeout of zero.

HTH

Andrew.

sundar.palaniappan · ‎08-23-2006

Hi,

If you set the timeout conn value to 00:00 then it affects all connections through PIX. This could create problems with firewall resources as idle connections will not free up the resources.

However, if you are running a 7.0 code or later you can set the timeout value specific to an application with the service policy configuration. Check out the link below for more info:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080624e19.shtml

As far as your first question of setting an absolute timeout for a connection, even when the connection isn't idle, I don't know of a feature that exists that would let you do this.

HTH,

Sundar