Jim mentioned the timeout for the user. I don't use that much as it's a
PITA. One of my customers has it set and it's been a wreck for them.
What I see MUCH more commonly is that the firewall is dumping the
connection. There is no traffic on port 2300 for a time and *POOF* the
connection is gone.
TWO things I do about this. First is if possible have a shared session
at the HMC itself already running. Then lock the HMC console screen.
This way if you DO get disconnected you can re-attach to the local
session which is still connected to the server. If you can't do that
perhaps RDP to a workstation or server locally will work for you.
Second thing is if you can get your firewall guys to add a snippet that
prevents connections on port 2300 from timing out. This needs to be on
both ends if you're on a point to point tunnel. For Cisco ASA the code
is mostly like below. WARNING: clearly you don't want to simply paste
this into your firewall. :-)
! This is the port we want to watch for traffic on.
access-list HMC_Console extended permit tcp any any eq 2300
description HMC Console Connections
match access-list HMC_Console
! Here we are telling the firewall not to time out those
! sessions that mach this class.
set connection timeout idle 0:00:00
service-policy global_policy interface inside
- Larry "DrFranken" Bolhuis
On 5/16/2014 11:54 PM, franz9000 via MIDRANGE-L wrote:
What can I do to control timeouts of my remote connection to a hmc (via vpn).
Had to restart a save 21 after the 1st part of savsys "went to sleep".
After no activity for 20 minutes, moved cursor and was forced to re-login to hmc.
Appears endsbs was not clean. (v6r1..but hopefully v7r1 tomorrow)