In most firewalls session the idle timers for any UDP and ICMP session are typically expired once they go idle after 30secs or less.
With MS RDP ( Terminal Services ) you can set the client up to use TCP only if your seeing numerous disconnects
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
SelectTransport
|
Than you can monitor the firewall session tables to see if the client is using Tcp.
fortios:
diag sys session filter dport 3389
diag sys session filter proto 6
diag sys session list
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment