I deployed a Cisco WRP500 (a SOHO-sized wi-fi router with two built-in analog telephone adapter lines) recently. As a replacement for the now-discontinued WRP400 it works well, except for one issue: I am finding that SSH sessions from individual computers behind the WRP500's NAT to outside Internet servers are being silently dropped after even a few minutes of inactivity. On an outbound SSH connection to a commercial data centre (so no NAT on their end, just ours) the connection might still be alive after ten minutes of activity but will be dead after 15-20 minutes.

I looked at https://supportforums.cisco.com/t5/network-infrastructure-documents/how-to-configure-a-nat-translation-timeout/ta-p/3109488 and https://supportforums.cisco.com/t5/wan-routing-and-switching/ssh-sessions-over-nat-will-timeout-and-disconnect-why/td-p/1068624 but neither appear to apply to the WRP500; all they're telling me is that some other Cisco device at the higher end of the market has a configurable NAT translation timeout which defaults to something sensible (ie: one day).

I checked the WRP500 .pdf administration manual and the 192.168.15.1 administration interface; there are NAT options to forward specific ports, but I find no indication of how quickly an open but inactive connection (such as an SSH session sitting idle at the command line) should expire and no indication of how to set this timeout to something sensible.

If I leave an application open (such as "top", which prints a list of active processes at 3-second intervals) the connection remains alive. If I leave the connection open but idle, it dies in a few minutes - in the stock Linux SSH server and client, the client goes unresponsive, then later shuts down with a 'broken pipe' error. This started happening when we upgraded to the WRP500; the older WRP400 (for all of its other quirks and bugs) was fine in this regard.

Is there any way to get the WRP500 to stop disconnecting idle SSH connections in which it is the intermediate NAT node?