TCP Timeout Default

harrydanger · ‎03-13-2009

Hi,

Can anyone confirm what the default TCP timeout value is for TCP ports created on Juniper firewalls.

We are using SG550M's if it makes a difference. From what I can gather it is 30 mins (but may be wrong)

HD.

WL · ‎07-26-2008

Yes, default it 30mins (TCP-ANY) service:

ssg5-isdn-wlan-> get ser | i HTTP
HTTP                         6          80 info seeking        5    Pre-defined
HTTP-EXT                     6        7001 info seeking        5    Pre-defined
HTTPS                        6         443 security           30    Pre-defined
ssg5-isdn-wlan-> get ser | i TCP-ANY
TCP-ANY                      6     0/65535 other              30    Pre-defined
ssg5-isdn-wlan->

notice, for HTTP, its 5 mins. In general, for TCP ports its 30mins. But this may or may not apply depending on whether there is already a predefined service which the firewall will match instead of the default timeouts.

Check out this KB which explains the session timeouts really well:

http://kb.juniper.net/index?page=content&id=KB11970&actp=search&searchid=1242233813248

****pls click the button " Accept as Solution" if my post helped to solve your problem****

Screenie · ‎01-10-2008

One small remark to add: You can modify the time-out of predefined services.

best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.

TCP Timeout Default

Re: TCP Timeout Default

Re: TCP Timeout Default