[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Telnet session disconnect over VPN
Understand. I am not a script guru but I think that a good UNIX script could take care about orphaned processes checking for them periodically. Just my 2c. ********************************** Roman Zeltser, @National Computer Center, RSIS & DNE -----Original Message----- From: Rob Rutherford [mailto:[email protected]] Sent: Monday, July 08, 2002 10:27 AM To: [email protected] Subject: Re: [FW-1] Telnet session disconnect over VPN well maybe hours is a bit of an overshot... perhaps an hour. The telnet sessions are basically part of an ERP system that is used often. The problem is that when the sessions are cut - this leaves orphaned processes on the unix box... thus a pain for admin staff. Thanks for your input everybody Robert Rutherford MIS Department - DEK +44 (0)1305 208232 +44 (0)7970 122362 |---------+----------------------------------------------> | | "Zeltser, Roman" | | | <[email protected]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[email protected]| | | kpoint.com> | | | | | | | | | 08/07/2002 14:47 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |---------+----------------------------------------------> >--------------------------------------------------------------------------- -------------------| | | | To: [email protected] | | cc: | | Subject: Re: [FW-1] Telnet session disconnect over VPN | >--------------------------------------------------------------------------- -------------------| >>The problem is that they can leave the sessions open for hours with inactivity. Rob, In this case, I would change your security policy because this situation is considered a security policy violation (even if you use SSH) ********************************** Roman Zeltser, @National Computer Center, RSIS & DNE -----Original Message----- From: Rob Rutherford [mailto:[email protected]] Sent: Monday, July 08, 2002 9:15 AM To: [email protected] Subject: Re: [FW-1] Telnet session disconnect over VPN Will this keep the session up if the user leaves the session idle for over 5 minutes? The problem is that they can leave the sessions open for hours with inactivity. Thanks Robert Rutherford |---------+----------------------------------------------> | | MURAT BALKAS | | | <[email protected]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[email protected]| | | kpoint.com> | | | | | | | | | 08/07/2002 13:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |---------+----------------------------------------------> > --------------------------------------------------------------------------- -------------------| | | | To: [email protected] | | cc: | | Subject: Re: [FW-1] Telnet session disconnect over VPN | > --------------------------------------------------------------------------- -------------------| Hi, you should change tcp_keepalive_interval value of the server. On server do the followings, 1) 'su' to root 2) Add following line to /etc/init.d/inetinit to set it to 5 miutes. /usr/sbin/ndd -set /dev/tcp tcp_keepalive_interval 300000 Murat Rob Rutherford <[email protected]> Sent by: Mailing list for discussion To: [email protected] of Firewall-1 cc: <[email protected] Subject: [FW-1] Telnet session disconnect over VPN point.com> 07/08/2002 02:42 PM Please respond to Mailing list for discussion of Firewall-1 Hi All, I am having a problem retaining a telnet session over my test VPN... The current situation :- I have a number of clients in a remote office who connect to a HP unix box via telnet sessions. These connections are being dropped after 60 seconds if the user leaves the connection idle. We just cannot see why. We have many other clients at the site using telnet sessions over Frame with no problems, and have done for years It should be noted all other traffic is flowing over the VPN with no problems. If we use a proxy server in the same LAN as the unix box to proxy telnet sessions.. the sessions stay active..bizarre. I don't know if anyone had experienced similar problems before, but it was worth a shot. The problem has been escalated to CheckPoint and HP.. both are having difficulties. Thanks Guys, Robert Rutherford ******************************************************************** This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([email protected]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK Printing Machines Ltd., or its affiliates. ******************************************************************** This footnote signifies that this message has been checked for viruses using Norton and McAfee. ******************************************************************** ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.370 / Virus Database: 205 - Release Date: 6/5/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.370 / Virus Database: 205 - Release Date: 6/5/2002 ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.370 / Virus Database: 205 - Release Date: 6/5/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.370 / Virus Database: 205 - Release Date: 6/5/2002 ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|