Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1335
Views
16
Helpful
3
Replies

flow-timeout-multiplier and HTTPS termination

astrand
Level 1
Level 1

‎03-17-2006 02:19 AM

Hi,

We have three Cisco CSS 11501 and have some intermittent problems with timeouts for a web-based application. After reading threads in this forum I have concluded that increasing the flow-timeout-multiplier could solve the issue.

We are terminating HTTPS connections in our CSSs and then use HTTP for the connections to the server. Should the flow-timeout-multiplier be applied on the HTTPS or HTTP content rule, or both?

Thanks for your help!

Regards,

Harald

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎03-17-2006 03:29 AM

Harald,

you should configure it on both.

Moreover, the SSL module has its own set of timeouts.

CSS11503(config-ssl-proxy-list[gdufour])# ssl-server 1 tcp server inactivity-timeout ?

Integer value(Range: 0-3600)

This is a timeout for the server side connection, but there is another one for the client side.

Check all TCP options.

Gilles.

astrand
Level 1
Level 1
In response to Gilles Dufour

‎03-20-2006 08:06 AM

What is the guideline for setting the inactivity timeout (server and virtual) for the SSL module?

Should it typically be set higher than the flow timeout, since it is by default (240 seconds)?

Thanks again for your help!

Regards,

Harald

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to astrand

‎03-21-2006 03:18 AM

Harald,

you should adjust the timeout with the timeout on the servers. Make it just slightly higher on the CSS than what you have on the server.

Gilles.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card