Does PA send a reset (RST) when a TCP session times out?

Sho9240
L0 Member


Could you tell me: when a TCP session times out, does the PA firewall send a TCP reset (RST) packet to the endpoint server/client, or does it just close and delete the session from its own session table without sending any packets?

reaper
L7 Applicator

If a TCP session times out (no packets received in X time), the session will simply close and no RST or FIN is sent from the firewall.

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374
Sho9240
L0 Member

Hi Reaper,

Thanks. One more question.
Can I change PA's setting to send a RST when the session is timed out?
reaper
L7 Applicator

Hi @Sho9240

No, a RST can only be sent as a response to something. You'd either need to have a deny rule with the action set to reset, or a custom threat signature with action reset.

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374