Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Secure Remote Disconnections

From: Sigurd Urdahl <sigurdur () linpro no>
Date: 20 Sep 2001 10:58:06 +0200
NHawkins () bsc-rscservices com writes:


Some of our users experience unexplainable disconnections through Secure
Remote sessions. Is there anything I am missing that can be set or reset
for better reliability at the client or Firewall end(s)?


Atre any of these clients or servers behind any kind og masquerading
or NAT? That would typically explain the provblem, and you would have
to increase the lifespan of the masqueraded sessions. In linux 2.2
based masquerading this is done with

ipchains -M -S tcp tcpfin udp


From the ipchains man page:


-S, --set tcp tcpfin udp
              Change  the  timeout  values used for masquerading.
              This command always takes 3 parameters,  represent­
              ing  the  timeout  values (in seconds) for TCP ses­
              sions, TCP sessions after receiving a  FIN  packet,
              and  UDP  packets, respectively.  A timeout value 0
              means that the current timeout value of the  corre­
              sponding  entry  is preserved.  This option is only
              allowed in combination with the -M flag.

I think you will find the same type of options on other kind of
network equipment.

-sig

-- 
Sigurd Urdahl                           sigurdur () linpro no
Systemkonsulent | Systems consultant
Linpro A/S                                   www.linpro.no
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: