
TN5250 sessions dropping when connected thru PIX515E

1ahull
Level 1

My company is experiencing dropped TN5250 sessions when connecting thru our PIX 515E firewall. The TN5250 clients are inside the PIX attempting to connect to an AS400 outside of the PIX. The timeout for dropping ranges from 10 minutes up to 90 minutes. We have reviewed our PIX configuration, but are having no success finding a possible cause. Any tips and/or suggestions on where to look are appreciated.

1 Reply 1

gfullage
Cisco Employee

Enable syslogging on the PIX, and check the syslog messages when a session is terminated. You'll probably see a message like:

%PIX-6-302002: Teardown TCP connection id for faddr IP_addr/port gaddr IP_addr/port laddr IP_addr/port (username) duration time bytes num (chars)

where (chars) will be one of (hope this formats OK):

TCP Termination Reasons

+--------------+---------------------------------------------+
| Reason       | Description                                 |
+--------------+---------------------------------------------+
| Reset-I      | Reset was from the inside.                  |
| Reset-O      | Reset was from the outside.                 |
| TCP FINs     | Normal close down sequence.                 |
| FIN Timeout  | Force termination after 15 seconds          |
|              | awaiting for last ack                       |
| SYN Timeout  | Force termination after 2 minutes awaiting  |
|              | three way handshake completion.             |
| Xlate Clear  | Command line removal                        |
| Deny         | Terminate by application inspection.        |
| SYN Control  | Back channel initiation from wrong side.    |
| Uauth Deny   | Deny by URL filter.                         |
| Unknown      | Catch all error.                            |
+--------------+---------------------------------------------+

The reason will give you an indication of why the session was closed down.
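
Once syslog is collecting, the 302002 teardown messages for the AS400 can be grouped by termination reason to see which one accounts for the drops and after how long. This is an added example, not part of the original reply: the sample lines and addresses are constructed, and the h:mm:ss duration format and the use of port 23 for the AS400 are assumptions.

```python
import re
from collections import defaultdict

# Follows the 302002 template quoted in the reply. Assumptions: duration is
# logged as h:mm:ss and the "(username)" field is optional.
TEARDOWN = re.compile(
    r"%PIX-6-302002: Teardown TCP connection (?P<id>\d+) "
    r"for faddr (?P<faddr>[\d.]+)/(?P<fport>\d+) "
    r"gaddr (?P<gaddr>[\d.]+)/(?P<gport>\d+) "
    r"laddr (?P<laddr>[\d.]+)/(?P<lport>\d+) "
    r"(?:\((?P<user>[^)]*)\) )?"
    r"duration (?P<h>\d+):(?P<m>\d\d):(?P<s>\d\d) "
    r"bytes (?P<bytes>\d+) \((?P<reason>[^)]+)\)"
)

def parse_teardown(line):
    """Return the fields of one 302002 message, or None for any other line."""
    m = TEARDOWN.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["seconds"] = (int(rec.pop("h")) * 3600 + int(rec.pop("m")) * 60
                      + int(rec.pop("s")))
    return rec

def reasons_by_host(lines, faddr, fport):
    """Map teardown reason -> list of session durations (s) for one server."""
    out = defaultdict(list)
    for line in lines:
        rec = parse_teardown(line)
        if rec and rec["faddr"] == faddr and rec["fport"] == str(fport):
            out[rec["reason"]].append(rec["seconds"])
    return dict(out)

# Constructed sample syslog lines (documentation-range addresses).
P = "Mar 03 10:00:00 pix %PIX-6-30200"
SAMPLE = [
    P + "1: Built outbound TCP connection 4100 for faddr 198.51.100.20/23",
    P + "2: Teardown TCP connection 4101 for faddr 198.51.100.20/23 gaddr "
        "203.0.113.5/1045 laddr 10.1.1.15/1045 duration 0:10:02 bytes 18422 (Reset-O)",
    P + "2: Teardown TCP connection 4102 for faddr 198.51.100.20/23 gaddr "
        "203.0.113.5/1050 laddr 10.1.1.16/1050 (jdoe) duration 1:30:00 bytes 90311 (Reset-O)",
    P + "2: Teardown TCP connection 4103 for faddr 198.51.100.20/23 gaddr "
        "203.0.113.5/1051 laddr 10.1.1.17/1051 duration 0:42:17 bytes 5120 (TCP FINs)",
    P + "2: Teardown TCP connection 4104 for faddr 198.51.100.99/80 gaddr "
        "203.0.113.5/1052 laddr 10.1.1.15/1052 duration 0:00:03 bytes 812 (TCP FINs)",
]

if __name__ == "__main__":
    for reason, secs in reasons_by_host(SAMPLE, "198.51.100.20", 23).items():
        print(f"{reason:12} count={len(secs)} durations_s={sorted(secs)}")
```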