We have a PIX 5151E firewall which is configured to delete idle TCP sessions after 1 hour. This is affecting LDAP authentication for a web server, as it still perceives the TCP session to be active. On both the web and LDAP server, netstat shows an open TCP session. The PIX, however, has removed the session from its connection table due to it being idle for more than 1 hour.

I am aware this is normal behaviour for the firewall and ideally the application parameters should be tweaked... Is there a way to have the PIX send a TCP FIN or TCP RST when it clears the session from its connection table?

Many thanks in advance for your help.

Cheers,
Rob