IPSec VPN 2fa Timeout Settings

Forum|Forum|6 years ago
March 23, 2020
1 reply
6281 views

Hi All,

Is there a way to enforce a timeout on the 2fa authentication period?

We are required to enforce refreshing of 2fa authentication every 24 hours to maintain certification while working remotely. I have not found a way to set this in our Fortigate 200D. I am fine with setting a timeout on the VPN connection itself, thereby forcing a refresh of 2fa.

Also, I would prefer a session timeout rather than an inactivity timeout, if possible.

Thanks!

Tim

Toshi_Esumi

SuperUser

The first thing I found in my Internet search was my own post about idle timeout on this forum two years ago.

https://forum.fortinet.com/tm.aspx?m=159981

I don't see other timeout setting in IPsec phase1 config. Probably auth server side including 2Factor auth doesn't have a mechanism to kill the VPN once it's successfully authorized.

If it were SSL VPN, you could set the session timemout to drop the connection as you wanted.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded