4. SSH dropping with NAT reflection

SSH dropping with NAT reflection

  • A

    We are having an issue where if you connect to a host inside our firewall which has SSH forwarded to it w/ NAT reflection… the connection gets dropped after 5-10 seconds of inactivity.  This happens on several of our servers.  If we connect from the inside to the internal (private) IP address of the machine directly, it works fine.  If we connect from the outside it works fine.

    Others seem to have this problem but I haven't found any solutions.  Any ideas on this?  We are running 1.2RC3 I believe, and will upgrade to full 1.2 as soon as we get a chance.

    James

    0
  • ?

    first hits when searching for "reflection timeout" there are lots of threads about this
    http://forum.pfsense.org/index.php/topic,6743.0.html
    http://forum.pfsense.org/index.php/topic,1528.0.html

    you´ll need to reboot fw after changes..if i recall correctly

    /f

    0
  • A

    Ah, including SSH in the search term was showing other irrelevant postings.  Thanks for pointing me to those.

    To summarize for people who run into the same search pitfall:
    If you are running 1.2RC3 or later, adding the following tag to the <system>tag within config.xml will increase the timeout:

    <reflectiontimeout>3600</reflectiontimeout>

    where 3600 is the number of seconds worth of timeout.

    James</system>

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy