none
Short Timeout when using SSH through TMG

    Domanda

  • Gentlemen, <o:p></o:p>

    We are experiencing a really short timeout sequence when using SSH through TMG and I was wondering if
    someone can help to increase the timeout.<o:p></o:p>

    FYI> As soon as we start using SSH to connect to our switches, the connection start getting denied by TMG within a minute or two inactivity.<o:p></o:p>

    Thanks.<o:p></o:p>

    Regards<o:p></o:p>

    Edward<o:p></o:p>


    martedì 19 giugno 2012 21:08

Risposte

  • Seems like the underlying TCP connection gets disconnected. If memory serves, a TCP connection in windows should be active for at least 2 minutes before disconnecting.

    Note that TMG is pretty aggressive when it comes to shutting down TCP connections but TMG does use the timeouts of the TCP/IP stack. Could it be the remote end that disconnects the session?

    I would use Network Monitor or Wireshark on TMG to see what is happening with the connections and in there identify which peer is closing/resetting the connection.


    Hth, Anders Janson Enfo Zipper

    giovedì 21 giugno 2012 08:51

Tutte le risposte

  • Hi,

    Thank you for the post.

    Do you want to publish SSH through TMG server? if yes, you should define a custom protocol, say SSH inbound on port 22. And then create no web server publishing rule to allow the traffic.

    Regards,


    Nick Gu - MSFT

    mercoledì 20 giugno 2012 01:57
    Moderatore
  • Please describe how you have made SSH available through TMG. Is this internal traffic that is routed through TMG? Or is it for external access?

    How does your rules look like?

    I am not really sure what your problem is, is it that the connection gets disconnected after being idle for a while or is it disconnected after a while regardless of activity?


    Hth, Anders Janson Enfo Zipper

    mercoledì 20 giugno 2012 08:38
  • Hi Gentlemen.<o:p></o:p>

    Thank you for your inputs, <o:p></o:p>

    My problem is the connection session & it gets disconnected after being idle for a minute. <o:p></o:p>

    FYI> All rules are defined properly and all is working great, by the way we have both internal
    and external access configured and both are routed through TMG.<o:p></o:p>

    Hope above is clear now.<o:p></o:p>

    Thanks again for your reply.<o:p></o:p>

    Regards<o:p></o:p>

    Edward<o:p></o:p>


    mercoledì 20 giugno 2012 15:47
  • Seems like the underlying TCP connection gets disconnected. If memory serves, a TCP connection in windows should be active for at least 2 minutes before disconnecting.

    Note that TMG is pretty aggressive when it comes to shutting down TCP connections but TMG does use the timeouts of the TCP/IP stack. Could it be the remote end that disconnects the session?

    I would use Network Monitor or Wireshark on TMG to see what is happening with the connections and in there identify which peer is closing/resetting the connection.


    Hth, Anders Janson Enfo Zipper

    giovedì 21 giugno 2012 08:51
  • Thanks for your feedback,

    I am going to use WireShark on TMG, and in the meantime remote end doesn’t have any effect on session laps.

    I am looking through other resources to figure out more.

    Thanks again.

    Regards

    Edward


    venerdì 22 giugno 2012 15:48