Telnet Session Timeout
-
I am having issues with my telnet sessions timing out. I am pretty positive it is because of pfsense. I have set my telnet server to not timeout. Does anyone know a setting in pfsense i can set to prevent timeout? I tried setting pfsense to conservative mode, but this did not help much.
Thanks
-
Here is a packet capture. I dont know if this will help. I did a test, and let my telnet session timeout. My ip is 10.0.0.223.
Any help is appreciated.
16:16:42.054698 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:42.195465 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 0
16:16:42.195981 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 13
16:16:42.479252 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:42.479558 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 37
16:16:42.697962 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:42.740048 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 2
16:16:42.773026 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 10
16:16:43.026009 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:43.026358 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 1033
16:16:43.247048 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:43.266065 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 2
16:16:43.397284 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 0
16:16:43.600506 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 17
16:16:43.791392 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:43.791653 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 736
16:16:43.897706 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 2
16:16:43.929994 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 17
16:16:44.119653 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:44.119938 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 221
16:16:44.338888 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:44.350259 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:44.556612 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:45.511863 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:45.537873 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:45.760264 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:45.760582 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:45.866782 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:45.897169 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:46.088279 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:46.088516 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:46.307367 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:46.845729 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:46.865865 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:47.061069 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:47.061778 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:47.180858 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:47.181561 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 15
16:16:47.400703 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:47.400957 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 15
16:16:47.619767 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:48.320343 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:48.350310 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:48.605241 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:48.605459 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:48.822708 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:50.007468 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:50.037945 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:50.244308 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:50.244631 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:50.359870 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:50.381798 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:50.572061 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:50.572258 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:50.791413 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:50.956941 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:50.975783 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:51.228717 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:51.228980 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:51.447818 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:51.724144 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 2
16:16:51.756715 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 37
16:16:51.994582 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:51.995093 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:52.213110 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:53.406693 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:53.428379 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:53.636810 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:53.636954 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:53.853686 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:54.292661 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:54.319196 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:54.394199 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:54.394780 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 7
16:16:54.609802 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:54.610578 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 15
16:16:54.753285 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:54.754108 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 15
16:16:54.947668 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:54.947927 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 16
16:16:55.170977 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:55.679172 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:55.710381 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 9
16:16:55.972886 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:55.973229 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 8
16:16:55.992290 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 2
16:16:56.193996 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 0
16:16:56.259789 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:56.260046 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 420
16:16:56.479732 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:58.294820 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:16:58.322562 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 9
16:16:58.556968 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:58.557244 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 250
16:16:58.775790 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 0
16:16:59.827317 IP 10.0.0.247.1846 > 10.3.1.3.23: tcp 1
16:17:00.022283 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 0
16:17:00.091003 IP 10.3.1.3.23 > 10.0.0.223.7149: tcp 10
16:17:00.272177 IP 10.3.1.3.23 > 10.0.0.247.1846: tcp 52
16:17:00.360151 IP 10.0.0.223.7149 > 10.3.1.3.23: tcp 0 -
If you are leaving the connection idle for a length of time, its possible that the firewall states are being timed out. Of course, telenetd can also be configured to drop idle connections after a certain amount of time as well.
-
Depending on your client, it might be able to do a keep-alive to work around any kind of timeout. In SecureCRT this used to be called "Send protocol no-op every <x>seconds". PuTTY calls it "Enable TCP keepalives (SO_KEEPALIVE option)"</x>
-
Thanks Jimp, I will give putty a try. You don't know any tricks for just the telnet command in the command prompt do you?
-
Not sure offhand, but this might do it: http://msdn.microsoft.com/en-us/library/ms819735.aspx
-
Jimp,
Do you know if there is a keep alive setting in pfsense for the VPN?
-
OpenVPN does a keep-alive on its own, IPsec does keep-alive if you fill in an IP of the remote LAN in the keep-alive box on the tunnel config.