cancel
Showing results for 
Search instead for 
Did you mean: 
otruniger
Level 10

idle timeout for ssl tunnel connection

I have some users complaining about quick network interrupts when working with a Citrix based application and when not actively working on it. We use a SSL tunnel to support this application on our 7.3.2.3 gateway.

Can it be the gateway to interrupt a possibly idle SSL-tunnel at all? And which timeout configuration option would apply for that?

Any other pointers on how to omit quick network interrupts in a Citrix application environment?

Thanks for you hints.

0 Kudos
2 Replies
McAfee Employee

Re: idle timeout for ssl tunnel connection

Are you using the Authentication Server? It may be the session TTL which is causing the issue:

https://community.mcafee.com/docs/DOC-4384

Try extending it to see if that helps.

Otherwise try using the proxy control for extending the timeout for that domain or destination range.

Best,

Jon

0 Kudos
otruniger
Level 10

Re: idle timeout for ssl tunnel connection

Thank you Jon,

We use Direct Authentication. It's probably the connection timeout of the default 120 seconds. I didn't want to extend the general setting for it.

I was not really aware of the possibility to override connection timeouts using proxy control. I will add a rule to override the connection timeout setting for certain domains. However I would prefer if such applications sent keep alive messages automatically to prevent idle connections.

0 Kudos