This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.
Solved
Iseries WS session keeps disconnecting after periods of inactivity
Posted on 2006-07-21
We have recently experienced constant disconnects on users' WS sessions. All PC users have a WS session file to connect to our AS/400. We have recently installed a ServGate M30 sercuity device/firewall. Aftewards, sessions constantly disconnect after periods of inactivity. All PCs are running XP pro, SP 2. All users are connected to our internal network. There are 2 users connected to our DMZ that do not experience this problem.
My troubleshooting has included the following:
1. A constant ping to the IP of the AS/400 shows no communication loss.
2. I created a KeepAliveTime DWORD in the registry (LocalMachine\CurrentContr
3. I created a startup script at login - CWBCOPWR /KA:1 /MKA:60,3600
I have looked navigated through the ServGate device and do not see anything that would cause the disconnect because of inactivity.
Any help or suggestions is much appreciated.
My troubleshooting has included the following:
1. A constant ping to the IP of the AS/400 shows no communication loss.
2. I created a KeepAliveTime DWORD in the registry (LocalMachine\CurrentContr
3. I created a startup script at login - CWBCOPWR /KA:1 /MKA:60,3600
I have looked navigated through the ServGate device and do not see anything that would cause the disconnect because of inactivity.
Any help or suggestions is much appreciated.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
3
7 Comments
Active 1 day ago
You might have more success by posting your question in the AS/400 topic area:
http://www.experts-exchange.com/Programming/Programming_Platforms/AS400/
-- DaveSlash
http://www.experts-exchange.com/Programming/Programming_Platforms/AS400/
-- DaveSlash
Active today
I would check to see if the ServGate is actually passing the keepalive packets.
I would also check DB2 log on the iSeries server to see if it is showing anything.
Prior to using the ServGate, what were you using as a firewall?
I would also check DB2 log on the iSeries server to see if it is showing anything.
Prior to using the ServGate, what were you using as a firewall?
Active today
Do you have the ability to do a packet capture in-front of the firewal and behind the firewall?
If so I would suggest that you capture the packets to verify what is going on.
I am assuming that you can predict how long after the session starts and there is no activity that it will end. If so, then I would suggest capturing two traces on each side. Trace 1 is the session setup to make sure that the session/connection is starting correctly. Trace two you would start just prior to when you think the connection is going to drop and capture the drop.
I just thought of something, some stateful firewalls have a timer value on how long they will keep track of a conneciton. I may be that your session is lasting longer than this and the firewall is deleting the information it has for the connection.
Also you have the keepalive timer set to 3600000 in the registry which is in ms, in seconds this is 3600, or 1 hour. Do you really want to send the keepalive packet ever hour?
If so I would suggest that you capture the packets to verify what is going on.
I am assuming that you can predict how long after the session starts and there is no activity that it will end. If so, then I would suggest capturing two traces on each side. Trace 1 is the session setup to make sure that the session/connection is starting correctly. Trace two you would start just prior to when you think the connection is going to drop and capture the drop.
I just thought of something, some stateful firewalls have a timer value on how long they will keep track of a conneciton. I may be that your session is lasting longer than this and the firewall is deleting the information it has for the connection.
Also you have the keepalive timer set to 3600000 in the registry which is in ms, in seconds this is 3600, or 1 hour. Do you really want to send the keepalive packet ever hour?
I've changed the regestiry to send keep alives every minute if there is inactity for a 5 minute period. Unfortuantely, I can't predict when the session will disconnect. Seemingly, it varies.
I did find a timer value on our firewall. It was set to 15 minutes. Changing the value to 60 did the trick. thanks giltjr.
Featured Post
Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Recursive SQL in UDB/LUW (you can use 'recursive' and 'SQL' in the same sentence)
A growing number of database queries lend themselves to recursive solutions. It's not always easy to spot when recursion is called for, especially for people una…
Recursive SQL in UDB/LUW (it really isn't that hard to do)
Recursive SQL is most often used to convert columns to rows or rows to columns. A previous article described the process of converting rows to columns. This article will build off of th…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster.
To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month14 days, 19 hours left to enroll
649 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.