Configure Session TTL / Timeout in Fortinet


This blog has moved to its permanent URL – http://ilantz.com

To view this post, please visit – http://ilantz.com/2009/07/23/configure-session-ttl-timeout-in-fortinet/

Advertisements

About ilantz

I am a technology enthusiastic, I've been working as an IT consultant since late 2007, I attained extensive experience with Microsoft's Exchange Server, Active Directory, Forefront products and the Windows server platform. I love designing solutions, handling security measures, architecture and advanced troubleshooting.
This entry was posted in Exchange 2003, Exchange 2007, Networking. Bookmark the permalink.

10 Responses to Configure Session TTL / Timeout in Fortinet

  1. George says:

    Thanks for the info. Could you tell me which ports are required to be set to the extended timeout? Also, did you have to change the timeout in IIS as well?

    • ilantz says:

      only port 443 for HTTPS , in my case..
      i actually didn’t changed the timout in the IIS.

      Cheers ! happy you’ve reached my blog 🙂
      Ilantz

  2. George says:

    Thanks for the info, but I’m still getting the error. Any suggestions?

    • ilantz says:

      Well , it might be that the cellular provider is actually closing the connection. it might be that the firewall is okay.

      if you still have doubts you could always put a sniffer and look for session termination..

  3. Johan says:

    The link to the fortingate solution seems to be broken.
    I cannot find the information anywhere in de kb of fortinet.
    Can you provide other link or short description?

    • ilantz says:

      Thanks for the heads up Johan, I’ve updated the link.
      Session TTL is noted in the CLI reference guide, update if you have issues.

      Happy holidays !

  4. Zack says:

    Here’s what to type from the FortiGate CLI:
    config system session-ttl
    config port
    edit 443
    set end-port 443
    set protocol 6
    set start-port 443
    set timeout 1800
    end
    end

    Microsoft Recommends a 30 minute HTTPS timeout for the best Direct Push Experience:
    http://technet.microsoft.com/en-us/library/aa997252.aspx (Bottom Section of Article)

  5. tiago says:

    Did you now the session-ttl precedence tree? policy ttl have precedence over system/port?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s