SSH Session Resets?

[tty35]

Has anyone ran into the scenario where external SSH conenctions seem to get reset a couple times a hour? We are running on IPSO 3.8-BUILD051 and Check Point VPN-1(TM) & FireWall-1(R) NG with Application Intelligence (R55) HFA_06 for IPSO 3.8, Hotfix 624 - Build 004 and Users have complained that at varying times throughout the day, SSH sessions will get reset and they have to log back into the external resource. Our Global session timeouts are set to 12hrs, so I'm thinking that's not it.

any help would be appreciated.

[dsb.nepo]

Perhaps a firewall in front of the external resource drops the connection.

Some checks (*nix platforms)
- make a connect and start the the 'top' utility (generates less traffic to hold the tunnel)
- check the TMOUT environment variable at the external resource
- check if any of the config params are set
-- both sites ssh(d)_config: TcpAliveCount, TcpAliveCountMax (not prefered, spoofable)
-- at external site sshd_config: ClientAliveInterval, ClientAliveCount
-- at client site ssh_config: ServerAliveCount, ServerAliveCountMax
for general adjustments look into: man ssh(d)_config

If your Users use putty, use only the last version (at the moment 0.58), and enable sending of 'null packets' every 30 sec.

Sample regfile for later adjustment

Code:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions\THE_PUTTY_SESSION_NAME]
"PingIntervalSecs"=dword:0000001e

If this works you can set your Global session timeouts back to the default value.