F-SECURE POLICY MANAGER 8.0 Administrator's Manual - page 189
CHAPTER 11
189
Troubleshooting
Q. Why does F-Secure Policy Manager Console lose the connection
to F-Secure Policy Manager Server?
A. If F-Secure Policy Manager Console is run on a separate computer
from F-Secure Policy Manager Server, then the connection may be
affected by network problems. There have been numerous reports
where, for example, a network switch change caused
loss-of-connection problems between F-Secure Policy Manager
Console and Server. Usually these problems are fixed by updating
the network drivers to the latest version in the affected machines or
by reconfiguring the new switch and the network cards on the
F-Secure Policy Manager Console and Server machines.
If F-Secure Policy Manager Console is installed on the same
computer as F-Secure Policy Manager Server, then there is a risk
that F-Secure Policy Manager Server could be under such a heavy
network load that it does not have any free network connections
available. F-Secure Policy Manager Console and all hosts are
competing for the same network resources.
With the default settings F-Secure Policy Manager Server can only
handle 150 simultaneous connections. You can increase the number
of simultaneous connections by increasing ThreadsPerChild value
in the httpd.conf file and restarting the F-Secure Policy Manager
Server after that. Other possible solutions are to increase the polling
intervals of hosts, to change the Windows networking timeouts
shorter, or to increase the number of Windows networking ports.
Useful Windows networking settings are:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\
MaxUserPort (maximum number of network ports, default = 5000)
HKLM\SYSTEM \CurrentControlSet\Services\Tcpip\Parameters\
TcpTimedWaitDelay (time to wait before closing inactive
network connection, default = 240 seconds).
The netstat -an command can be used to check whether there are
too many connection open to the server.