Putty Timeout when AFM VPN is used

Question

Hi All,&nbsp;
I am using the F5 AFM VPN to connect to the production network. Upon successful connection, I use putty client to connect to the production servers. Few minutes of inactivity (around 1-2 mins) makes the putty session to timeout. The "time-out” value on /etc/profile  of the linux server (to terminate the inactive terminals) is set to 900 seconds (15mins), but the putty session timesout earlier (arnd 1-2 mins). &nbsp;
Is there any parameter that needs to be changed on the AFM?&nbsp;
Thanks&nbsp;
Cheers,
hpanaman&nbsp;

pedro_haoa · Answer

Hi,&nbsp;
Did you mean Access Policy Manager (APM) VPN SSL Network Access?&nbsp;
Advanced Firewall Manager (AFM) is the Network Firewall module with dos protection of BIG-IP suite.&nbsp;
If you have administrator access to the server, please check the ClientAliveInterval, TCPKeepAlive and ClientAliveCountMax options in the SSHd configuration file.&nbsp;
Also, try enable TCP Keepalives in Putty Connection options.&nbsp;
Finally, use tcpdump in the BIG-IP system to capture a whole Putty connection and paste the output here to see the details.&nbsp;
Bye.&nbsp;

hpanaman_163642 · Answer

Hi,&nbsp;
Following is the settings in my server:
/etc/ssh/ssh_config file
 Host *
        GSSAPIAuthentication yes
        ServerAliveInterval 900
        ServerAliveCountMax 3&nbsp;
/etc/ssh/sshd_config&nbsp;
PrintLastLog yes
TCPKeepAlive yes&nbsp;
UseLogin no
UsePrivilegeSeparation yes
PermitUserEnvironment no
Compression delayed
ClientAliveInterval 900
ClientAliveCountMax 3&nbsp;
ShowPatchLevel no
UseDNS yes
PidFile /var/run/sshd.pid
MaxStartups 10
Also enabled the TCP Keep alives in putty. Also enabled the keepalives--&gt; sessions--&gt; Connections--&gt;sessions between keepalives set to 900. &nbsp;
All the above configuration on the server and the putty client doesnt help. I still get putty client timed out in 1-2 mins. Can help?&nbsp;
Cheers,
hpanaman&nbsp;

hpanaman_163642 · Answer

Hi,&nbsp;
Following is the settings in my server:
/etc/ssh/ssh_config file
 Host *
        GSSAPIAuthentication yes
        ServerAliveInterval 900
        ServerAliveCountMax 3&nbsp;
/etc/ssh/sshd_config&nbsp;
PrintLastLog yes
TCPKeepAlive yes&nbsp;
UseLogin no
UsePrivilegeSeparation yes
PermitUserEnvironment no
Compression delayed
ClientAliveInterval 900
ClientAliveCountMax 3&nbsp;
ShowPatchLevel no
UseDNS yes
PidFile /var/run/sshd.pid
MaxStartups 10
Also enabled the TCP Keep alives in putty. Also enabled the keepalives--&gt; sessions--&gt; Connections--&gt;sessions between keepalives set to 900. &nbsp;
All the above configuration on the server and the putty client doesnt help. I still get putty client timed out in 1-2 mins. Can help?&nbsp;
Cheers,
hpanaman&nbsp;

Forum Discussion

Putty Timeout when AFM VPN is used

3 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

big3d timeouts

api token timeout change

source address persistence maximum session timeout

iRules LX Sideband Connection - Handling timeouts

idle timeout for admin session on BigIP