We have Fortinet firewall 200F
Can we increase socket connection timeout for specific clients OR for specific firewall rule ?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Please refer if this could be helpful for you:-
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Session-timeout-settings/ta-p/191228
Created on 12-03-2024 03:37 AM Edited on 12-03-2024 03:42 AM
I want to increase socket idle timeout value only for TCP ports 1556, 13724, 13782
(no need for UDP ports, no firewall default socket value override adjustment required)
Created on 12-03-2024 04:43 AM Edited on 12-03-2024 04:43 AM
The document is still valid for your case.
Focus on the point #3. Create new service objects for your ports. In these service objects, define the port (TCP/xxx) and define the timeout as well (set session-ttl xxx).
Afterwards add these new services to the relevant firewall policies and the modified TTLS will apply only to matching traffic.
Thanks all. Seems we can also create the service from GUI. But I am not able to see the timeout value option when create the service from Services
It is a CLI-only option.
I am done. Below are the settings
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.