The TCP listen options allow you to control how idle and unresponsive browser connections are handled and to optimize these processes for your network. For most networks, the default values provide adequate performance. If your network is congested and slow, you might want to increase some of the limits.
Click Devices > Access Gateways > Edit > [Name of Reverse Proxy] > TCP Listen Options.
Select Enable Persistent Connections to allow Access Gateway to establish a persistent HTTP connection between Access Gateway and the browser. Usually, HTTP connections service only one request and response sequence. A persistent connection allows multiple requests to be serviced before the connection is closed.
This option is enabled by default.
Specify values for the TCP Listen Options:
Keep Alive Interval: Determines when an idle connection is closed. If no application data is exchanged over a connection for this amount of time, the connection is closed. This value limits how long an idle persistent connection is kept open. This setting is a compromise between freeing resources to allow additional inbound connections, and keeping connections established so that new connections from the same device do not need to be re-established. The value can be set from 1 to 1440 seconds (24 minutes). The default is 300 seconds.
Data Read Timeout: Determines when an unresponsive connection is closed. When exchanging data, if an expected response from the connected device is not received within this amount of time, the connection is closed. This value might need to be increased for slow or congested network links. The value can be set from 1 to 3600 seconds (1 hour). The default is 120 seconds.
NOTE:WebSocket connection implements ping pong communication for continuous connectivity. If your application supports WebSocket but ping pong communication is not implemented, it is recommended to set the value to 3600 seconds to avoid frequent disconnection. If a connection is idle for more than the value specified in Data Read Timeout, it is terminated.
To configure the encryption key, select one or more of the following:
Enforce 128-Bit Encryption between Browser and Access Gateway: When this option is selected, Access Gateway requires all its server connections with client browsers to use 128-bit encryption. If the encryption key is less than 128, regardless of the cipher suite, the connection is denied.
Enforce 128-Bit Encryption between Access Gateway and Web Server: When this option is selected, Access Gateway requires all its client connections to web servers to use 128-bit encryption. If the encryption key is less than 128, regardless of the cipher suite, the connection is denied.
NOTE:These SSL listening options appear disabled if you are configuring the tunneling services.
To save your changes to browser cache, click OK.
To apply your changes, click the Access Gateways link, then click Update > OK.