I've done some tests, and here's what I've found:
- you can't modify the inactviity timeout in junos-tcp-any, I get commit errors when trying
- you should create a new application object instead:
[edit applications]
root@SRX1# show
application tcp-any {
protocol tcp;
inactivity-timeout 7800;
}
- this still isn't enough though. In order to get the SRX to use this timeout you need to reference this application object in your policy.
So to do what you're asking for (ie all TCP connections have an increased timeout) you need to use custom application objects in every policy rule and have an increased timeout in each one.
Some experts might know of an easier way, but I haven't found any other way to do it.