ProxySG & Advanced Secure Gateway

Expand all | Collapse all

Why some sessions are not terminated by the session timeout

  • 1.  Why some sessions are not terminated by the session timeout

    Posted 15 days ago
      |   view attached
    Hello everyone,

    Any idea of this long duration session?

    Thanks in advance
    SDKIM

    ------------------------------
    Manager
    ------------------------------


  • 2.  RE: Why some sessions are not terminated by the session timeout

    Broadcom Employee
    Posted 12 days ago
    Hello SDKIM,

    The logs sessions are there because the client or the server side keeps on sending packets trough maintaining the TCP session open, the default timeout is 2 minutes, so if there are packets send across between the two parties than the session will stay open,  so all is working as expected.
    You can take a policy trace and a pcap for the source ip and destination to find out more on the packet level.
    If you are looking for what is registry-1.docker.io, a simple google search will have the answer my friend :)

    I hope this helps.
    Slava


  • 3.  RE: Why some sessions are not terminated by the session timeout

    Posted 6 days ago
    Hello Slava,

    Thank you for your reply.
    If there are some packets between the client to OCS, your explanation is ok.
    but there wasn't any packet for many hours but sessions kept open.

    SDKIM

    ------------------------------
    Manager
    ------------------------------



  • 4.  RE: Why some sessions are not terminated by the session timeout

    Broadcom Employee
    Posted 4 days ago
    Hello SDKIM,

    How did you determined that there are no packets between the client IP + proxy + destination url ?, please provide in depth details of you approach and what have you done to arrive to that conclusion ?

    Slava


  • 5.  RE: Why some sessions are not terminated by the session timeout

    Posted 2 days ago
    Hello Slava,

    As you can see from the picture, the duration are from 12hours to 18hours but the client and server bytes are all same.
    and even I refreshed, there wasn't any changes on both client and server bytes.
    That's why I thought there was not any packets between client and server.

    Thanks & Regards
    SDKIM

    ------------------------------
    Manager
    ------------------------------



  • 6.  RE: Why some sessions are not terminated by the session timeout

    Broadcom Employee
    Posted yesterday
    Hello SDKIM,

    Thank you for the response, perhaps there are no changes in the bytes because those sessions are all the same as the communication between the client and the destination is the same.
    If you really want to find out more you will need to take a packet capture on the proxy , with the filter for that source client IP and that destination URL, also a policy trace for that user IP, and even a packet capture on your firewall for comparasing the data.

    Slava