Re: Sonicwall Pro 3060 problem: Idle telnet clients are dropped after 6-7 minutes

From: Markus Kraus (mkr_at_gmxpro.de)
Date: 02/11/04


Date: Wed, 11 Feb 2004 12:55:57 -0800

On Wed, 11 Feb 2004 14:52:42 -0600, Ken Very Big Liar wrote:

>We have a newly installed Pro 3060. We have people telneting to another
>location using Mochasoft, and Client Access. As is everyone's habit, several
>connections are made per person. If a window is left idle for ~7 minutes, the
>connection is dropped. It is not the AS/400 doing this as this was not a
>problem yesterday and the idle connection timeout on the 400 is 120 minutes. I
>and the tech working with me, cannot find where the problem lies. We've maxed
>out every 'idle' timer we can find. I'm stumped (my first experience with a
>real firewall), developers are pissed, even Sonicwall support hasn't been a help
>yet. Nothing about dropping the connection is logged by the firewall. I have
>to say an idle ftp connection suffers the same fate. Web browsers, IM clients,
>seem to be immune.

Well, I think it's just the firewall clearing out the entry out of its
internal state table. (A firewall that does NAT needs to maintain a
state table of its connections.) This doesn't help to fix your
problem, I'm just trying to explain it.

Maybe your software (telnet) has some "keep alive" option, to let the
Firewall know that this connection is still being used.

Best regards,
Markus