03-06-2014 01:21 PM
We have an issue with our firewall. Ever since we did the update to 5.0.11 a few weeks back our RDP connections from WAN to LAN are timing out after 30 minutes of Idle time. I have checked the server settings And they are fine, the only thing thats changed is the firewall version. Below are the NAT and Policy rules for the RDP server. We actually have two seperate internet connections that come in here hence the two NAT rules and the two Policy rules. Does any one know if the 5.0.11 release has any new idle timeouts or if it process the existing time outs differently? I'm suspicious that thats what we are seeing. I've looked around and don't see any so I'm not sure what to check next. I don;t know if other services are timing out as well since most other connections are not persitant like RDP is.
03-06-2014 01:41 PM
Default time out value for a TCP session through PAN firewall will be 3600 Seconds (1 hour). If you think the session is getting timed out after 30 minutes, please verify the same from CLI.
> show session all filter source x.x.x.x destination y.y.y.y application ms-rdp >>>>>> Identify the session ID from here.
> show session id xyz >>>>> verify the output
start time : Thu Mar 6 15:27:55 2014
timeout : 3600 sec >>>>>>>>>>> default time out value
time to live : 3548 sec >>>>>>> TTL since last packet received.
total byte count(c2s) : 2194
total byte count(s2c) : 0
layer7 packet count(c2s) : 4
layer7 packet count(s2c) : 0
Apply the above mentioned command multiple times and see if the TTL value is decreasing correctly, if there are no consecutive packet received/transmitted for the same session.
As per the logic, once the TTL value become 0, then the session will be closed.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!