A TCP service is configured using the mainframe proxy with a QWS Secure client, with mainframe protocol TN3270-SSL. When a PAM user launches the service, the connection is established and auto-login works, but after a while there is an error and the connection closes. This can happen while the user is active, not just after some idle time. There is no network problem.
PAM 3.2 with a service using the secure mainframe proxy.
The mainframe proxy on the PAM appliance creates socket connections to the target device. The proxy did not process EAGAIN socket errors correctly in all cases, closing the socket rather than retrying the operation.
Hotfix 3.2.2.06 was created to address this problem.
Not all hotfixes are published on the PAM Solutions and Patches page, https://support.ca.com/us/product-content/recommended-reading/technical-document-index/ca-privileged-access-manager-solutions-patches.html at the time of this writing, but all should be rolled up in the next maintenance release, in this case 3.2.3. If you need a hotfix and don't find it published, please open a case with PAM support.