ntls tcp_keepalive show

Display the NTLS TCP keep alive configuration.

TCPKeepAlive is a TCP stack option, available at the LunaClient, and at the SafeNet Luna Network HSM appliance. For SafeNet purposes, it is controlled via an entry in the Chrystoki.conf /crystoki.ini file on the LunaClient, and in an equivalent file on SafeNet Luna Network HSM. For SafeNet Luna HSM 6.1 and newer, a fresh client software installation includes an entry "TCPKeepAlive=1" in the "LunaSA Client" section of the configuration file Chrystoki.conf (Linux/UNIX) or crystoki.ini (Windows). Config files and certificates are normally preserved through an uninstall, unless you explicitly delete them. As such, if you update (install) LunaClient software where you previously had an older LunaClient that did not have a TCPKeepAlive entry, one is added and set to "1" (enabled), by default. In the case of update, if TCPKeepAlive is already defined in the configuration file, then your existing setting (enabled or disabled) is preserved.
On the SafeNet Luna Network HSM appliance, where you do not have direct access to the file system, the TCPKeepAlive= setting is controlled by the LunaSH command ntls tcp_keepalive set.
The settings at the appliance and the client are independent. This allows a level of assurance, in case (for example) a firewall setting blocks in one direction.  

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

>Monitor

Syntax

ntls tcp_keepalive show

Example

lunash:>ntls tcp_keepalive show

NTLS TCP keepalive is configured as follows :

 TCP_KEEPIDLE  : 200
 TCP_KEEPINTVL : 150
 TCP_KEEPCNT   : 15


Command Result : 0 (Success)


Customer Support Portal

SafeNet Luna Network HSM 7.4 Product Documentation  16 December 2019  Copyright 2001-2019 Thales. All rights reserved.