ZAHIDHASEEB
New Contributor III

Socket connection timeout for specific clients

We have a Fortinet firewall 200F.

Can we increase the socket connection timeout for specific clients or for a specific firewall rule?

sjoshi
Staff

Please refer to this, in case it is helpful for you:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Session-timeout-settings/ta-p/191228

Let us know if this helps.
Salon Raj Joshi
ZAHIDHASEEB
New Contributor III

I want to increase socket idle timeout value only for TCP ports 1556, 13724, 13782

(no need for UDP ports, no firewall default socket value override adjustment required) 

pminarik

The document is still valid for your case.

Focus on point #3. Create new service objects for your ports. In these service objects, define the port (TCP/xxx) and define the timeout as well (set session-ttl xxx).

Afterwards, add these new services to the relevant firewall policies and the modified TTLs will apply only to matching traffic.

[ corrections always welcome ]
ZAHIDHASEEB
New Contributor III

Thanks all. It seems we can also create the service from the GUI. But I am not able to see the timeout value option when creating the service from Services.

 

Services.png

 

pminarik

It is a CLI-only option.

[ corrections always welcome ]
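
The service-object approach described in the replies above, written out as FortiOS CLI for the three TCP ports named in the thread. This is an added example, not configuration posted by any participant; the service names, the 7200-second TTL and policy ID 10 are placeholders to replace with your own values.

```fortios
# Added example. Service names, the 7200 s TTL and policy ID 10 are placeholders.
config firewall service custom
    edit "TCP-1556-long-ttl"
        set tcp-portrange 1556
        set session-ttl 7200
    next
    edit "TCP-13724-long-ttl"
        set tcp-portrange 13724
        set session-ttl 7200
    next
    edit "TCP-13782-long-ttl"
        set tcp-portrange 13782
        set session-ttl 7200
    next
end

# Attach the services to the policy that carries this traffic.
config firewall policy
    edit 10
        append service "TCP-1556-long-ttl" "TCP-13724-long-ttl" "TCP-13782-long-ttl"
    next
end

# Check a live session: the timeout= field should show the new value.
diagnose sys session filter clear
diagnose sys session filter dport 1556
diagnose sys session list
```

Scoping the longer TTL to these services and one policy leaves the global session timeout unchanged, so only matching sessions stay in the session table longer.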
ZAHIDHASEEB
New Contributor III

I am done. Below are the settings

00.png

 

Increase-Idle-Socket-Timeout-03.png

 

Increase-Idle-Socket-Timeout-04.png

 
