1. Home
  2. pfSense® Software
  3. NAT
  4. SSH dropping with NAT reflection

SSH dropping with NAT reflection

  • A

    We are having an issue where if you connect to a host inside our firewall which has SSH forwarded to it w/ NAT reflection… the connection gets dropped after 5-10 seconds of inactivity.  This happens on several of our servers.  If we connect from the inside to the internal (private) IP address of the machine directly, it works fine.  If we connect from the outside it works fine.

    Others seem to have this problem but I haven't found any solutions.  Any ideas on this?  We are running 1.2RC3 I believe, and will upgrade to full 1.2 as soon as we get a chance.

    James

    0
  • ?

    first hits when searching for "reflection timeout" there are lots of threads about this
    http://forum.pfsense.org/index.php/topic,6743.0.html
    http://forum.pfsense.org/index.php/topic,1528.0.html

    you´ll need to reboot fw after changes..if i recall correctly

    /f

    0
  • A

    Ah, including SSH in the search term was showing other irrelevant postings.  Thanks for pointing me to those.

    To summarize for people who run into the same search pitfall:
    If you are running 1.2RC3 or later, adding the following tag to the <system>tag within config.xml will increase the timeout:

    <reflectiontimeout>3600</reflectiontimeout>

    where 3600 is the number of seconds worth of timeout.

    James</system>

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy