I tried posting this specifically before and didn't have any luck ( http://www.mail-archive.com/[email protected]/msg19099.html ) but now that I have contacted Microsoft I have a few more details to ask the questions with. Here is the basic scenario:
- On the server, TCP session timeouts have been lowered to 5 minutes (through a reg edit that MS support had me make) - The client application has been shut down and netstat shows no connections open to the server - The server still shows many (up to 30) connections to the client long after the 5 minute timeout window - The pfSense (1.2.3-RC3) GUI Diagnostics -> States table shows sessions between the client and server as ESTABLISHED:ESTABLISHED - The client and server are in two different subnets connected by an IPSec VPN Now, is there anything in pfSense that would keep a session open even after the client has closed it and the server's TCP timeout window has passed? The way MS Support was explaining it to me, they said the server would send out a message to see if the client was still around and it would only be keeping the session open if something was responding on the client's behalf. She said to look for any setting on the router such as "tcp keep alive" or "idle keep alive" but the only thing I see is under VPN settings for the Keep Alive IP to ping which I thought was only to keep the tunnel up by pinging a host on the remote subnet. Thank for any help!
