[c-nsp] Xwindow session timeout through Pix Firewall
lee.e.rian at census.gov
lee.e.rian at census.gov
Tue Aug 2 07:19:40 EDT 2005
Well then, how about adjusting it on the other side?
Change the tcp keepalive interval from 2 hours to 20 minutes on the HP and
see if that works:
ndd -set /dev/tcp tcp_keepalive_interval 1200000
(not sure about the syntax, I don't have root on any HP machines)
Lee
"Alex Foster" <afoster at gammatelecom.com> wrote on 08/02/2005 06:51:36 AM:
>
> Hi
>
> Have tried this - but it doesn't appear to do anything. I ran some
> packet tracing - but no keep-alives are sent - well certainly not on
> port 6000.
>
> Regards
>
> Alex
>
> -----Original Message-----
> From: lee.e.rian at census.gov [mailto:lee.e.rian at census.gov]
> Sent: 02 August 2005 07:38
> To: Alex Foster
> Subject: RE: [c-nsp] Xwindow session timeout through Pix Firewall
>
> This might work
> open up the Xconfig console and under the Transports section change
> Keep
> alive to yes
>
>
> "Alex Foster" <afoster at gammatelecom.com> wrote on 08/01/2005 10:12:04
> AM:
>
> > Hi Lukasz,
> >
> > Should have included a bit more info. with regards to the type of
> > xwindow session. This is a passive exceed connection used in
> > conjunction with Java Web Start that connects to a HP-OV platform. So
> > this isn't an xstart session with SSH. I found some info regarding a
> > 'session timeout' parameter you can add to some of the exceed profiles
> -
> > but this doesn't work - or maybe Ive just configured it incorrectly -
> I
> > wasn't too sure what profile the passive connection used.
> >
> > Regards
> >
> > Alex
> >
> >
> > -----Original Message-----
> > From: Lukasz Bromirski [mailto:lbromirski at mr0vka.eu.org]
> > Sent: 01 August 2005 14:40
> > To: Alex Foster
> > Cc: cisco-nsp at puck.nether.net
> > Subject: Re: [c-nsp] Xwindow session timeout through Pix Firewall
> >
> > Alex Foster wrote:
> >
> > > Probably off topic here - but wondered if anybody on the list has a
> > > remedy for the following issue: I have need to permit Xwindows
> > sessions
> > > through a Pix Cluster (6.2) - but the sessions timeout after an hour
> > of
> > > inactivity from the Xwindow session (default conn. Timeout is an
> hour
> > -
> > > funnily enough). Other than increasing the conn. Timeout - is there
> > > another way of configuring either the Xwindow server (using
> > Hummingbird
> > > exceed here) or the Pix to keep the Xwindow session alive.
> >
> > If You can't increase idle timeouts, use keepalives for this specific
> > application.
> >
> > I'm sure You've already seen that?
> > http://www.hummingbird.com/support/nc/exceed/exc1003369.html
> >
> > --
> > this space was intentionally left blank | Lukasz
> > Bromirski
> > you can insert your favourite quote here |
> > lukasz:bromirski,net
> >
> >
> > This message has been scanned for viruses by MailController -
> > www.MailController.altohiway.com
> >
> >
> > The information in this e-mail and any attachments is confidential
> > and may be subject to legal professional privilege. It is intended
> > solely for the attention and use of the named addressee(s). If you
> > are not the intended recipient, or person responsible for delivering
> > this information to the intended recipient, please notify the sender
> > immediately. Unless you are the intended recipient or his/her
> > representative you are prohibited from, and therefore must not,
> > read, copy, distribute, use or retain this message or any part of
> > it. The views expressed in this e-mail may not represent those of
> > Gamma Telecom.
> >
> > This message has been scanned for viruses by MailController
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list