Set connection timeouts
You can define general timeouts for removing idle connections from the state table, including non-TCP communications that are handled like connections.
The timeout prevents wasting engine resources on storing information about abandoned connections. Timeouts are a normal way to clear traffic information with protocols that have no closing mechanism. The communicating client and server also have timeouts for closing inactive connections.
You can set timeouts by protocol and by TCP connection state. Idle timeouts set in Access rules override these global settings.
Timeouts do not affect active connections. The connections are kept in the state table as long as the interval of packets within a connection is shorter than the timeouts set.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Right-click a Firewall, IPS, or Layer 2 Firewall element, then select Edit <element type>.
- In the navigation pane on the left, browse to .
- Click the Timeout(s) column and enter the timeout value for the protocol in seconds.
- (Optional) Click Add to add a protocol to the list and enter the timeout for the protocol.
-
Click
Save and
Refresh to transfer the configuration changes.
Engine Editor – Advanced Settings – Idle Timeouts
Use this branch to view and change the timeouts for removing idle connections from the state table, including non-TCP communications that are handled like connections.
| Option | Definition |
|---|---|
| Set to Default | Returns idle timeout changes to the default settings.
The default values for the predefined protocols are:
|
| Add | Adds the selected protocol to the table. Opens the Select timeout dialog box. |
| Remove | Removes the selected row from the table. |
Select timeout dialog box
Use this dialog box to add other protocols to the idle timeouts table.
| Option | Definition |
|---|---|
| Select timeout to customize | Lists timeout settings not yet in the Idle Timeouts table. |