Checking my audit logs on a problem rule I saw this event" event: ip filter session timeout I goggled it, scanned the sidewinder manual for this error. I have found nothing.
Every session through the firewall has a timeout value. If no data is sent on that session for a certain amount of time the session is closed and it's audited as an 'IP filter session timeout.'
So I think the solution to this one was making my own filter on port 22 and not using the ssh proxy.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center