Disconnecting user if he have Idle time on forticlient vpn tunnel

PrzeWasi · ‎03-17-2021

Hello,
I have a question, is it possible if i use (vpn forticlient) with the standard settings (disconnecting the connection after e.g. 8 hours), detect idle time not disconnect on set time??
i mean if the user is not using the tunnel and has a laptop running, is it possible to disconnect the remote session if it is inactive? just like sslvpn via www, there you can set that after 30 seconds of inactivity we disconnect the connection.
The question is whether this can be done when using the vpn forticlient? discennect user if he is inactive in forticlient vpn?

thank you in advance
Regards, Przemek

------------------------------
Przemys?aw
IT Systems Administrator
------------------------------

[FirstName] [JobTitle]

lbjust · ‎03-18-2021

I think you might be looking for this:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD39435
https://kb.fortinet.com/kb/documentLink.do?externalID=FD48372

The 8 hours timeout is for authentication. User is disconnected even he is active. Idle timeout is a different timer:

config vpn ssl settings

[...]
set idle-timeout 300 (5 minutes)
set auth-timeout 28800 (8 hours)
[...]

end