06-09-2011 09:36 AM - edited 03-11-2019 01:43 PM
I don't know if this problem is a ASA issue or other, just looking for opinions.
I have a Corporate website where my users keep getting disconnected from. The admin of that website sent me this information in an email.....
I've traced two sessions since Wed: Both had the same experience. Both paused for over 2 minutes. Lost their session. Logged back in on another server.
Our current Server infrastructure is stateful, so our load balancer directs users to the same server based upon IP. A technique known as sticky sessions. This problem indicates that the IP changed after they paused. The server session expires after 2 hours.
All indications point to your firewall assigning users new outbound public IP if they pause for a duration well short of an hour. Perhaps that firewall session can be lengthened or the same public IP assigned to their outbound traffic.
06-09-2011 10:05 AM
Hi,
Check the timeout value on the device "show run timeout" for tcp connections, i guess by default it is 3 hours.
Thanks,
Varun
06-09-2011 10:59 AM
Here is the output from the "sho run timeout" command.... basically all defaults I think.
timeout xlate 1:30:00
timeout conn 12:00:00 half-closed 0:10:00 udp 0:10:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:30:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide