From: Rob Laidlaw (laidlaw@consecro.com)
Date: Thu Jun 10 2004 - 16:07:52 GMT-3
yeah....if you have access to the firewall, go into objects, services,
prefefined, go to telnet and click on edit. Check to see if the timeout
value is set to default or something custom.
or if you have cli access do a "get service telnet"
The default timeout is 30minutes.
set service telnet timeout 30
GL
-Rob
----- Original Message -----
From: "Joseph D. Phillips" <jphillips@ufcwdrugtrust.org>
To: "Group Study (E-mail)" <ccielab@groupstudy.com>
Sent: Thursday, June 10, 2004 1:50 PM
Subject: Telnet sessions breaking
> That would be good if we had any of those here. :)
>
> I think it's the firewall anyway. Anyone here use a Netscreen 25?
>
>
> -----Original Message-----
> From: Jason Aarons [mailto:jaarons@hotmail.com]
> Sent: Thursday, June 10, 2004 11:15
> To: ccielab@groupstudy.com
> Subject: RE: Telnet sessions breaking
>
>
> Run a sniffer/Ethereal/netmon trace and see who sends the TCP reset for
the
> telnet session -jason
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Joseph D. Phillips
> Sent: Thursday, June 10, 2004 1:17 PM
> To: Group Study (E-mail)
> Subject: Telnet sessions breaking
>
> As I mentioned before, I have remote users who are Telnetting to our
central
> office's AIX box.
>
> To secure the connections, I am having them all go to an Aventail SSL/VPN
> appliance, which creates the VPN tunnels for the users and proxies their
> Telnet traffic to the RS6000 running the app they need to do lookups.
>
> My problem is that the users will walk away for a few minutes and find
their
> Telnet sessions have vanished.
>
> There are no inactivity timeouts either within the custom application to
> which the users are Telnetting, and the appliance's timeout is 720
minutes,
> so that's not it, either.
>
> Since we were talking about MTUs earlier, I checked our edge router here.
> The interfaces are all 1500 bytes, but we're not doing tunneling or
anything
> fancy. It's just a fractional T-1 to our ISP.
>
> Have any of you heard of this before? Is there anything particular about
> encrypting Telnet traffic such that sessions would break after a certain
> period of inactivity?
>
> Joseph D. Phillips, CCDP MCSE; Network Manager
> Southern California United Food and Commercial Workers Unions and Drug &
> General Sales Employers Trust Funds
> 2220 Hyperion Avenue, Los Angeles, California 90027
> jphillips@ufcwdrugtrust.org ; office: 323-666-8910 ext 247; cell:
> 562-761-7257; fax: 323-663-9495
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:37 GMT-3