Configure timeout parameters for TCP, UDP and ICMP protocols.

About this task

After a session timer has been created it can be changed as needed. The default session timer can also be edited.

Procedure

  1. In the vSphere Web Client, navigate to Networking & Security --> Firewall.
  2. Ensure that you are in the Settings tab. If there is more than one NSX Manager available, select one from the drop-down list.
  3. Select the timer you want to edit. Note that the default timer values can also be edited. Click the pencil icon.

    The Edit a Timeout Configuration dialogue box appears, populated with the default values.

  4. Enter a name (required) and a description (optional) for the session timer.
  5. Select the protocol. Edit any default values that you want to change.

    TCP Variables

    Description

    First Packet

    The timeout value for the connection after the first packet has been sent. The default is 120 seconds.

    Open

    The timeout value for the connection after a second packet has been transferred. The default is 30 seconds.

    Established

    The timeout value for the connection once the connection has become fully established.

    Closing

    The timeout value for the connection after the first FIN has been sent. The default is 120 seconds.

    Fin Wait

    The timeout value for the connection after both FINs have been exchanged and the connection is closed. The default is 45 seconds.

    Closed

    The timeout value for the connection after one endpoint sends an RST. The default is 20 seconds.

    UDP Variables

    Description

    First Packet

    The timeout value for the connection after the first packet is sent. This will be the initial timeout for the new UDP flow. The default is 60 seconds.

    Single

    The timeout value for the connection if the source host sends more than one packet and the destination host has not sent one back. The default is 30 seconds.

    Multiple

    The timeout value for the connection if both hosts have sent packets. The default is 60 seconds.

    ICMP Variables

    Description

    First Packet

    The timeout value for the connection after the first packet is sent. This is the initial timeout for the new ICMP flow. The default is 20 seconds.

    Error reply

    The timeout value for the connection after an ICMP error is returned in response to an ICMP packet. The default is 10 seconds.

  6. Select the object type, vNIC or VM.

    The Available Objects list is automatically populated.

  7. Select one or more objects and click the arrow to move them to the Selected Objects column.
  8. Click OK.