I have recently
upgraded to NG FP1 and FP2. I have found a new problem
where SSH
connections through these firewalls are frequently torn down with
a
"connection reset by peer" after an arbitrary amount of time.
Currently,
users are reporting disconnects ranging from 60 seconds to 15
minutes. They
are also reporting that their connections are not
idle. I cannot find
anything in the log files to indicate a
problem. I have not changed any of
the TCP timeout values and the SSH
service is set to accept the global
default of 3600 seconds.
It looks
like the Checkpoint/FW1/Firewall newsgroups and mailing lists have
several
posts relating to this topic, but I have not found any responses
providing a
solution (other than to try changing the TCP timeout for the
service or
globally). While I can try to set the SSH service timeout
explicitly to
one hour or more, I don't see how that would have an affect
since users are
reporting disconnects in less than one hour.
Has anyone seen a specific
solution and more accurate problem description
for this
issue?
Thanx,
Semaj...
James W. Klein ([email protected])
Software
& Scanning Services
New Orleans, LA,
USA
|
