Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Idle connections dropping after 1.2-RELEASE upgrade

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cripy
      last edited by

      Hello all,
        We've been using PFsense for quite some time now and last week we upgraded to 1.2-RELEASE.  Ever since the upgrade we have noticed that idle ssh connections (maybe others but this is the most noticeable) will get disconnected after 30min-1hour.  We run a 1:1 nat and do not have captiveportal enabled.  Any suggestions on how to get it to stop terminating idle connections? I've scoured the interface and have not located an option regarding this.  Any help is greatly appreciated.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        That's the state timeout, which IIRC is on the Advanced page.

        The more appropriate solution is to enable SSH keepalives in your SSH clients, which will keep the state active. Leaving inactive states hanging around for long periods isn't good.

        1 Reply Last reply Reply Quote 0
        • C
          cripy
          last edited by

          I have tried changing "Firewall Optimization Options" under Advanced to "Conservative" but this has had no effect.  This idle connection dropping just started happening after upgrading to 1.2-RELEASE.  Before the upgrade we never had any issues with idle connections and we feel that enabling ssh keep alives in the client is more of a "hack".  Also, some SFTP clients some of our employees are using do not support keep alive.  This was working previously and I'm more interested in learning how to get it back to allowing idle connections how it used to be.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.