Hi

I have an issue with one of our applications. We have two security zones: LAN
and Servers.  Computers from LAN are connecting to Servers on port TCP/2020
(it's a CTI application).  Users reported that they have to re-logon due to
idle timeout - I checked the security logs on the SRX and the sessions were
disconnected due to the TCP idle-timeout, whose default is 30 minutes.  How can
I increase this timeout for connections to TCP/2020?

Will the configuration below be sufficient:

security {
    policies {
        from-zone lan to-zone servers {
            policy 1 {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                    log {
                        session-init;
                        session-close;
                    }
                    count;
                }
            }
        }
        from-zone servers to-zone lan {
            policy 1 {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                    log {
                        session-init;
                        session-close;
                    }
                    count;
                }
            }
        }
    }
}
applications {
    application myapp {
        protocol tcp;
        destination-port 2020;
        inactivity-timeout 100000;
    }
}
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
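
Added example, not part of the original post: a small Python check for the situation in the configuration above, where a custom application sets `inactivity-timeout` but every policy matches `application any`. It assumes the SRX behaviour that a custom application's timeout is applied only to sessions permitted by a policy that references that application; the function names and the condensed sample config are constructed for illustration.

```python
import re

# Constructed sample: the post's configuration, condensed to the relevant statements.
CONFIG = """
security { policies {
  from-zone lan to-zone servers {
    policy 1 {
      match { source-address any; destination-address any; application any; }
      then { permit; }
    }
  }
} }
applications {
  application myapp { protocol tcp; destination-port 2020; inactivity-timeout 100000; }
}
"""

def parse(text):
    """Parse curly-brace Junos config into nested dicts; leaf statements map to None."""
    tokens = re.findall(r"[{};]|[^\s{};]+", text)
    def block(i):
        node, words = {}, []
        while i < len(tokens):
            tok, i = tokens[i], i + 1
            if tok == "{":
                node[" ".join(words)], i = block(i)
                words = []
            elif tok == ";":
                node[" ".join(words)] = None
                words = []
            elif tok == "}":
                break
            else:
                words.append(tok)
        return node, i
    return block(0)[0]

def unreferenced_timeouts(cfg):
    """Applications that set inactivity-timeout but are matched by no policy."""
    custom = {name.split()[1] for name, body in cfg.get("applications", {}).items()
              if name.startswith("application ") and body
              and any(s.startswith("inactivity-timeout ") for s in body)}
    used = set()
    for context in cfg.get("security", {}).get("policies", {}).values():
        for policy in (context or {}).values():
            for stmt in (policy or {}).get("match") or {}:
                if stmt.startswith("application "):
                    used.update(stmt.split()[1:])  # also covers "[ a b ]" lists
    return sorted(custom - used)

if __name__ == "__main__":
    print(unreferenced_timeouts(parse(CONFIG)))
```

The check does not follow `application-set` indirection or strip Junos comments, so run it on a comment-free config and treat applications referenced only through a set as needing a manual look.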
