Idle connections dropping after 1.2-RELEASE upgrade
-
Hello all,
We've been using PFsense for quite some time now and last week we upgraded to 1.2-RELEASE. Ever since the upgrade we have noticed that idle ssh connections (maybe others but this is the most noticeable) will get disconnected after 30min-1hour. We run a 1:1 nat and do not have captiveportal enabled. Any suggestions on how to get it to stop terminating idle connections? I've scoured the interface and have not located an option regarding this. Any help is greatly appreciated. -
That's the state timeout, which IIRC is on the Advanced page.
The more appropriate solution is to enable SSH keepalives in your SSH clients, which will keep the state active. Leaving inactive states hanging around for long periods isn't good.
-
I have tried changing "Firewall Optimization Options" under Advanced to "Conservative" but this has had no effect. This idle connection dropping just started happening after upgrading to 1.2-RELEASE. Before the upgrade we never had any issues with idle connections and we feel that enabling ssh keep alives in the client is more of a "hack". Also, some SFTP clients some of our employees are using do not support keep alive. This was working previously and I'm more interested in learning how to get it back to allowing idle connections how it used to be.