I've put the Anyconnect VPN client in place at my organization and for the most part, it's working well. However, our mainframe terminal application (Attachmate's Extra) will time out after 60 minutes of inactivity. This is without any idle timers set in the ASA interface. I thought it might be the TCP CONN value, but upping it to 2 hours instead of 60 minutes had no effect. Any ideas where I can start troubleshooting this?
Does it timeout if the application is in use ? Or is it only when it's idle ? Is it anyconnnect that's disconnecting or just the application ?
Capturing the log or a wire trace via a packet capture may show where or who is terminating the session but not why. Having an understanding of your mainframe and the application requirements will help understand the interaction and the environment.
What further details around the application and the client can you provide ?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...