I've seen this issue before with SSH timing out over a perfectly good connection without packet loss. The problem was with the MTU size being too small and the packet was getting dropped. The packet was going through a VPN tunnel through the network to a VPN concentrator. Here's an example. The telnet packet was 1435 bytes in size including all the headers. The Router maximum MTU was 1456 for example. So far so good... Looks like it should get through, correct ports are open etc.. Now the VPN encryption adds an extra 25 bytes for example ( I don't have exact numbers). Now you have a packet that is Encapsulated with encryption for a total size of 1460 bytes. Oh and what also happens is the VPN will put a DO NOT Fragment flag on the packet, because of the encryption. Whats going to happen once that packet hits the router with an MTU size of 1456? It gets dropped because the packet is too large. What happens to the telnet or SSH session, is it starts dropping packets and then times out. It doesn't receive and ACK's from the other end and thinks it is timing out.
So A. Is there VPN involved? If so, could be MTU issue. B. Check the MTU size. Send some large sized pings over 1400 bytes in size with the Do not Fragment Flag. Find out if and where the MTU is set too low. C. Of course check for packet loss or extreme latency. Welp hopefully this helps from my experiences with this type of issue. Eddie Corio Inc. -----Original Message----- From: KM Reynolds [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 17, 2002 8:33 AM To: [EMAIL PROTECTED] Subject: Telnet session traversing PIX are timingout [7:53490] Hi, I have telnet sessions that orginate on the internal side of a PIX to a server on the external side that are timing out (after 60 seconds). Is there a command to increase the timeout period for telnet? If there is what is the max? TIA KR _________________________________________________________________ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53501&t=53490 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]