Increase TCP or UDP connection timeout for specific connections

09/30/2022 219 People found this article helpful 231,152 Views

Download

Print

Share

• LinkedIn
• Twitter
• Facebook
• Email
• Copy URL The link has been copied to clipboard

Description

In certain occasions you may need to increase the TCP or UDP timeout for a specific connection.

EXAMPLE: If VoIP connections timeout after 60 seconds we would adjust the firewall rule for VoIP traffic and change the UDP timeout value to 60 seconds. 

By default, the TCP connection timeout is 15 minutes and the UDP connection timeout 30 seconds. In order to increase the connection timeout you can modify it from the firewall access rules.

NOTE:The following scenario describes how to modify the TCP connection timeout for a Site-to-Site VPN between 2 SonicWalls.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

Navigate to Policy | Rules and Policies | Access Rules and click the option highlighted in the image below to enter the matrix view.

1. Click on the configure icon for the LAN | VPN zone intersection.
2. On the page that appears, you will see the rules for the SonicWall subnets to the remote SonicWall's subnets that were auto-created when you created the VPN policy.

      3. For the specific policy or policies, click  Configure button located on the right-hand side and click on the                            Advanced tab.

      4. From there, you can adjust the TCP or UDP connection inactivity timeout.

      5. When done. Click Save.

      6. Return to the matrix view style and click on the configure icon for the VPN | LAN intersection.

      7. On the page that appears, you will see the rules for the remote SonicWall's subnets to the SonicWall's subnets                 that were auto-created when you created the VPN policy.

      8. Follow the same steps as before to modify the connection inactivity timeout.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

1. After logging into the GUI , click MANAGE.
2. Navigate to Policies | Rules | Access Rules and click the option highlighted in the image below to enter the matrix view.

1. Click on the configure icon for the LAN | VPN zone intersection.
2. On the page that appears, you will see the rules for the SonicWall's subnets to the remote SonicWall's subnets that were auto-created when you created the VPN policy.
3. For the specific policy or policies, click  Configure button located on the right-hand side and click on the Advanced tab.
4. From there, you can adjust the TCP or UDP connection inactivity timeout.
   
5. When done. click OK.
6. Return to the matrix view style and click on the configure icon for the VPN | LAN intersection.
   
7. On the page that appears, you will see the rules for the remote SonicWall's subnets to the SonicWall's subnets that were auto-created when you created the VPN policy.
8. Follow the same steps as before to modify the connection inactivity timeout.

Related Articles

• Bandwidth usage and tracking in SonicWall
• How to force an update of the Security Services Signatures from the Firewall GUI
• Configure Guest VLAN in the TZ firewall, for guest users to access Internet only.

Categories

• Firewalls > NSa Series > Networking
• Firewalls > TZ Series > Networking
• Firewalls > NSv Series > Networking