Working with Active FTP, we are having problems with transferring files larger than 1.5GB because the control channel hits the idle session timeout for FTP (set at 1800 seconds). Temporarily we have increased the timeout to 5400 seconds as a workaround but we are looking for an option to be able to tie the control channel lifetime to the data channel so that as long as as there is data transferring over the data channel the control channel won't time out. Currently I don't know of any way to do this on Palo Alto Networks firewalls, is there any ability to do this?
Hello Did you ever manage to solve this issue with the control channel timeout? I have encountered the same problem, is it just a CLI command to alter the default 1800 idle session timeout?
Actually to increase the application timeout, you may browse to the OBJECTS tab in the GUI>>>>> APPLICATIONS>>>>>search for FTP and then customize the application idle timeout.
This should help you achieve what you are trying to achieve.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!