Hi,
I'm facing a problem with my web application. I'm using Tomcat 7.0.56, Java 1.8, Postgres 9.4 and Debian 7.

The application is configured as follows:
The web server is located in a DMZ.
The database server is located in our LAN.
To communicate with each other, a firewall has been set up (Cisco ASA firewall).
To authenticate a user to the website, I use the Tomcat JDBC Realm.

At the beginning, everything works fine, but after about an hour of inactivity, it's impossible to authenticate again: the Tomcat process seems to be running but doesn't log anything and doesn't answer any other requests.

The firewall is rejecting the connection with the following message:

    Deny TCP (no connection) from WEB/50790 to DB/5432 FIN ACK on interface DMZ_clients

I thought the problem was that after a while, if Tomcat connections were not used, the firewall would drop them. So I tried to add "keepAlive" time-outs (Tomcat side, Postgres side), but none of them worked.

Here is the Tomcat context.xml:

    <Resource name="jdbc/elkar" auth="Container"
              type="javax.sql.DataSource"
              driverClassName="org.postgresql.Driver"
              url="jdbc:postgresql://10.2.1.128/elkar"
              username="asa" password="mei!z60Hm"
              maxActive="100" maxIdle="20" maxWait="10000" maxAge="60000"
              removeAbandonned="true" removeAbandonnedTimeout="60"
              keepAlive="true" autoReconnect="true" />

The postgresql.conf:

    # - TCP Keepalives -
    # see "man 7 tcp" for details

    #tcp_keepalives_idle = 300       # TCP_KEEPIDLE, in seconds;
                                     # 0 selects the system default
    #tcp_keepalives_interval = 0     # TCP_KEEPINTVL, in seconds;
                                     # 0 selects the system default
    #tcp_keepalives_count = 0

And finally, the sysctl.conf:

    net.ipv4.tcp_keepalive_time = 900
    net.ipv4.tcp_keepalive_intvl = 60
    net.ipv4.tcp_keepalive_probes = 9

Before that, the application was tested without using the firewall and everything worked fine.

If you have any idea of why this is happening, I haven't found a solution yet.

Regards,
Luc D.