Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3836
Views
5
Helpful
6
Replies

Socket read time out error

mulugojjam abebe
Level 1
Level 1

‎07-21-2011 04:08 AM - edited ‎03-11-2019 02:01 PM

Hello,

I face a problem on timeout. there are two servers one in DMZ and the other on the inside network. Those servers continously communicate and after a long hour, like 10 hrs, socket read time out error occured. When I move the DMZ server to the inside network it works perfectly. Access rule is configured from DMZ server to the inside and vice versa.

So if there is something on timeout that should be configured on the firewall please advice.

Thank you in advance

Mulu

Labels:
0 Helpful
6 Replies 6

varrao
Level 10
Level 10

‎07-21-2011 04:11 AM

Hi,

could you just provide an output of show  run from the ASA, please also do collect the logs from the time when such a disconnect happensd from the ASA.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

mulugojjam abebe
Level 1
Level 1
In response to varrao

‎07-22-2011 01:50 AM

Thank you Varun for your fast response.

This is the wierd thing. The servers communicate on day time(working hours) perfectly. but the error occurs during night time(off hours). There are no logs on the ASA, may be the problem is due to idel time out connection. Is there any default behaviour on the ASA that will stop when the connection between the servers is idle(no session). The servers are Weblogic and database servers.

Thank you

0 Helpful

varrao
Level 10
Level 10
In response to mulugojjam abebe

‎07-22-2011 02:03 AM

Hi,

Yes there is a an ideal timeout behavior set on the firewall , but you would need to check the values, for that you can do:

show run timeout

this would tell you all the timeout values set on the firewall for connection timeouts. I would still suggest to check the logs and server setting as well, in the logs if you can see that the built connection was teared down due to timeout and after that the user send a packet for that connection, then the ASA would definitely drop it and hence the error message that you get. On the server you can check if it is sending keepalives for the idle connection so that the connection doesn't time out.

Hope this helps you out.

Thanks,

Varun

Thanks,
Varun Rao

mulugojjam abebe
Level 1
Level 1
In response to varrao

‎07-22-2011 04:59 AM

Thank You Varun,

Hope it will solve it. I will check it today and i will be back to you.

Thank you

Mulu

0 Helpful

mulugojjam abebe
Level 1
Level 1
In response to mulugojjam abebe

‎07-25-2011 05:12 AM

Thank you Varun,

Its solved. The problem was on idel timeout. I appreciate your great help.

Thank you

Mulu

0 Helpful

mulugojjam abebe
Level 1
Level 1

‎08-03-2011 12:52 AM

Dear Varun,

I have faced one problem on the SSL Clientless vpn. It gives me Socket write error when i connect to the server through SSL, but i map the server with public IP and access it directly  and at this time the error disappears. Any configuration the i can tune on the SSL configuration.?

Thank you

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card