Jim mentioned the timeout for the user. I don't use that much as it's a PITA. One of my customers has it set and it's been a wreck for them.

What I see MUCH more commonly is that the firewall is dumping the connection. There is no traffic on port 2300 for a time and *POOF* the connection is gone.

TWO things I do about this. First is if possible have a shared session at the HMC itself already running. Then lock the HMC console screen. This way if you DO get disconnected you can re-attach to the local session which is still connected to the server. If you can't do that perhaps RDP to a workstation or server locally will work for you.

Second thing is if you can get your firewall guys to add a snippet that prevents connections on port 2300 from timing out. This needs to be on both ends if you're on a point to point tunnel. For Cisco ASA the code is mostly like below. WARNING: clearly you don't want to simply paste this into your firewall. :-)

! This is the port we want to watch for traffic on.
access-list HMC_Console extended permit tcp any any eq 2300
class-map HMC_5250
description HMC Console Connections
match access-list HMC_Console
policy-map global_policy
class HMC_5250
! Here we are telling the firewall not to time out those
! sessions that mach this class.
set connection timeout idle 0:00:00
service-policy global_policy interface inside

- Larry "DrFranken" Bolhuis


On 5/16/2014 11:54 PM, franz9000 via MIDRANGE-L wrote:

What can I do to control timeouts of my remote connection to a hmc (via vpn).
Had to restart a save 21 after the 1st part of savsys "went to sleep".
After no activity for 20 minutes, moved cursor and was forced to re-login to hmc.
Appears endsbs was not clean. (v6r1..but hopefully v7r1 tomorrow)

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page