Configuring Tcp Connect Options For Web Servers - Novell ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010 Manual

This option is enabled by default.
3 Specify values for the TCP Listen Options:
Keep Alive Interval: (Access Gateway Service) Sets the length of time between packets being
sent to a connected device to determine if the connection is still alive. If a response is not
received within the Data Read Timeout value, the connection is closed. On an idle connection,
sending these ping packets continues until the Idle Timeout value is reached. Setting the value
to zero prevents the sending of keep-alive packets. The value can be set from 0 to 1440 seconds
(24 minutes). The default is 300 seconds (5 minutes).
Data Read Timeout: Determines when an unresponsive connection is closed. When
exchanging data, if an expected response from the connected device is not received within this
amount of time, the connection is closed. This value might need to be increased for slow or
congested network links. The value can be set from 1 to 3600 seconds (1 hour). The default is
120 seconds (2 minutes).
Idle Timeout: (Access Gateway Appliance) Determines when an idle connection is closed. If
no application data is exchanged over a connection for this amount of time, the connection is
closed. This value limits how long an idle persistent connection is kept open. This setting is a
compromise between freeing resources to allow additional inbound connections, and keeping
connections established so that new connections from the same device do not need to be re-
established. The value can be set from 1 to 1800 seconds (30 minutes). The default is 180
seconds (3 minutes).
4 To configure the encryption key, select one or more of the following:
Enforce 128-Bit Encryption between Browser and Access Gateway: When this option is
selected, the Access Gateway requires all its server connections with client browsers to use
128-bit encryption. If the encryption key is less than 128, regardless of the cipher suite, the
connection is denied.
Enforce 128-Bit Encryption between Access Gateway and Web Server: When this option
is selected, the Access Gateway requires all its client connections to Web servers to use 128-bit
encryption. If the encryption key is less than 128, regardless of the cipher suite, the connection
is denied.
NOTE: These SSL listening options appear disabled if you are configuring the tunneling
services.
5 To save your changes to browser cache, click OK.
6 To apply your changes, click the Access Gateways link, then click Update > OK.

1.6.2 Configuring TCP Connect Options for Web Servers

Connect options are specific to the group of Web servers configured for a proxy service. They allow
you to control how idle and unresponsive Web server connections are handled and to optimize these
processes for your network. For most networks, the default values provide adequate performance. If
your network is congested and slow, you might want to increase some of the limits.
1 In the Administration Console, click Devices > Access Gateways > Edit > [Name of Reverse
Proxy] > [Name of Proxy Service] > Web Servers > TCP Connect Options.
70 Novell Access Manager 3.1 SP2 Access Gateway Guide