I have a server connecting to another server on another site. I have created a static NAT for my server, but I have a problem that after about 2 minutes of idle time the connection is lost and I can not communicate with the other server until it opens the connection again.
I think it is the other firewall on the other site that has a PAT and a timeout on the session of about 2 minutes but their administrator claims this is untrue.
Is there anything I can do to avoid this session timeout or to proove that is not my firewall.
Based on your description of the problem, I am inclined to agree that the issue is indeed on his side of the connection. The fact that the connection cannot be re-established *until* the other side re-opens the connection tells me this is not a problem on your side. Even if the connection was closed on your PIX, it would be re-opened when you tried to re-initiate the connection. Sounds like you may need to assist him in troubleshooting his side of the connection. Good luck!
Ask how the remote site is providing NAT? [static, nat 0, nat/global] Is the remote site using a Pix also?
Regardless of xlate timeouts, the connection will be torn down if idle. What kind of OS and application? The best solution would be to use TCP keep-alives to prevent the session from being idle according to the firewall.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...