telnet timeout over VPN
 

Hello,
I don't know if this is a *nix problem, a VPN problem or what.

We have Site-to-Site VPN's setup. The remote firewall is a Nokia IP71 or an IP120. The firewall here is a Nokia 4400 running Checkpoint.

If our tenet sessions sit idle for about an hour, they silently time out and die. If you press return, you have to wait a minute or so, then you are told the connection is dead and you have to log back in. I have seen this with 3 different telnet clients (Tun, Mochasoft, and M$ telnet) to 3 different platforms (HP-UX 11.0, AIX 4, and Linux RH8.0) and see this timeout on with all platforms. We have some sites with frame relay connections where the clients telnet with the same client to the same system (HP-UX 11.0) and do not experience this problem.

I have run a sniffer on the client side and when the timeout happens, there is no traffic. The firewall (logging everything) on the local firewall didn't show any traffic when a timeout happens.

If both the Frame connections and the VPN connections were dropping, then I would be looking on the *nix servers. In one test from a pc, we started a ping from the PC to a server on the orther side of the VPN and let it run. Then we ran a telnet across the connection. The ping ran without a hiccup, the telnet dropped so I know the whole connection/tunnel isn't dropping.

Does anybody have any idea's?

Thanks
jhisaac1

We had a similar problem with a firewall - try explicitly allowing telnet access - to and from - the server. It worked for us!

Also - if it is a linux firewall I think your iptables rule needs to be set to allow idle connections. Not sure how to do it offhand - I just read somewhere that it doesn't allow permenant connections by default.

Default timeout setting
 

3600 seconds is the default timeout for telnet. It's set in smartdashboard under services (tcp) telnet, advanced settings. default 3600 seconds or 1 hour.