Socket connection timeout for specific clients

ZAHIDHASEEB · ‎12-02-2024

We have Fortinet firewall 200F

Can we increase socket connection timeout for specific clients OR for specific firewall rule ?

sjoshi · ‎12-03-2024

Please refer if this could be helpful for you:-

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Session-timeout-settings/ta-p/191228

Let us know if this helps.
Salon Raj Joshi

ZAHIDHASEEB · ‎12-03-2024

I want to increase socket idle timeout value only for TCP ports 1556, 13724, 13782

(no need for UDP ports, no firewall default socket value override adjustment required)

pminarik · ‎12-03-2024

The document is still valid for your case.

Focus on the point #3. Create new service objects for your ports. In these service objects, define the port (TCP/xxx) and define the timeout as well (set session-ttl xxx).

Afterwards add these new services to the relevant firewall policies and the modified TTLS will apply only to matching traffic.

[ corrections always welcome ]

ZAHIDHASEEB · ‎12-03-2024

Thanks all. Seems we can also create the service from GUI. But I am not able to see the timeout value option when create the service from Services

pminarik · ‎12-03-2024

It is a CLI-only option.

[ corrections always welcome ]

ZAHIDHASEEB · ‎12-04-2024

I am done. Below are the settings

Socket connection timeout for specific clients

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website