Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

https timeout

Status
Not open for further replies.
snootalope

snootalope

IS-IT--Management
Jun 28, 2001
1,706
US
Hello

Got a PIX 515 running v7.02 and am having trouble finding how specify how long an https connection should remain before it timesout.

I've found the basic "Connection Timeout" but it doesn't appear it's helping me to adjust that.

Anyone know how I might be able to directly specify the timeout period of an https connection?

---------

The reason i'm wanting to do this is because of this error on an Exchange 2003 sp2 machine:

Event Type: Warning
Event Source: Server ActiveSync
Event Category: None
Event ID: 3033
Date: 8/15/2006
Time: 2:45:10 PM
User: Domain\sm
Computer: Mail
Description:
The average of the most recent [200] heartbeat intervals used by clients is less than or equal to [540]. Make sure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. Specifically, make sure that your firewall is configured so that requests to Exchange ActiveSync do not expire before they have the opportunity to be processed. For more information about how to configure firewall settings when using Exchange ActiveSync, see Microsoft Knowledge Base article 905013, "Enterprise Firewall Configuration for Exchange ActiveSync Direct Push Technology" (

Microsoft recommends upping the timout period for https connections and NOT just the broad connection timeout.
For more information, see Help and Support Center at
 
Sort by date Sort by votes
Did you ever get this resolved? I ahev the same issue pretty much the same setup.

CCNA, CCDP, Net+, A+
Work Smarter, Not Harder....
 
Upvote 0 Downvote
Nope, never got it.

I'm still getting the same warnings in our Exchange servers event log. It's definitly something with the Cingular phones and now it looks like Sprint phones are doing the same thing. I'm sure you've already done it, but a google search turns up alot of people having the same issue with no resolution.
 
Upvote 0 Downvote
Yeah, i scoured everywhere. I do know a guy who is a Pix guru though, i'm trying to get hold of him. If he gives me an answer, i'll be more than happy to share!

CCNA, CCDP, Net+, A+
Work Smarter, Not Harder....
 
Upvote 0 Downvote
That'd be great! I've been working with the PIX for years now and I can't find anything on this https timeout, but I've never had to mess with it before on a PIX either. If needed, I guess i can setup a TAC case with cisco to see if any of their engineers got any ideas..

Anyway, I'm running v7.0(2) on the pix here..
 
Upvote 0 Downvote
Having the same issue. Have you been able to find a resolution to this problem?

Regards,

Eric Brander
 
Upvote 0 Downvote
Thanks for that. However, we're running 6.3 - do you know of a way to do policy-maps with 6.3?

TIA,

Eric Brander
 
Upvote 0 Downvote
Version 6.x doesn't support class-map/policy-map so you have to change the timeouts globally for all of the traffic

Hope that helps
 
Upvote 0 Downvote
I think many people will start having this error with MS Push technology now available and all the new smart phones.

I have a PIX506 V6.2 and I am not sure what to change???

Any CISCO experts out there?
 
Upvote 0 Downvote
So, an update so many months later:

I upgraded our PIX OS code to 7.2, and now the error messages are coming at an order of magnitude more frequently.

My connections time-out setting is already at 1 hour! MS recommends 30 minutes. (According to
The document horus42 posted shows how to set telnet specifically to a 15 minute timeout using a policy map. I was going to try and set up a map for https connections to our OWA server but isn't that covered under the already set 1-hour connections time-out?
 
Upvote 0 Downvote
I wish I had further help for you, but I don't. I can't remember exactly what I did on ours, but the errors aren't showing up anymore.

I think I may have set a registry setting that just stops that message from showing up. I'll try and find exactly what I did...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

napoleao
  • Locked
  • Question
Http Proxy & HTTPS Proxy
Replies
5
Views
406
hairlessupportmonkey
hairlessupportmonkey
kzn
  • Locked
  • Question
Error communicating with Firebox 10.0.0.1. IO_ERROR: Message processing timeout. Please try again
Replies
2
Views
334
kzn
kzn
vlevalois
  • Locked
  • Question
HTTP to HTTPS translation
Replies
1
Views
187
vlevalois
vlevalois
welk
  • Locked
  • Question
will an inbound static port 443 rule prevent other https?
Replies
1
Views
119
welk
welk
linaz
  • Locked
  • Question
Cisco ASA 5505 change protocol 443 timeout value ?
Replies
3
Views
215
linaz
linaz

Part and Inventory Search

Sponsor

Back
Top