This article describes the default session timeout value (session-ttl) on a FortiGate device.
FortiGate keeps a session in its session table for a specific time while the session is idle. The default value of session-ttl is 3600 seconds, and it can be modified.
FGT # show full-configuration system session-ttl
config system session-ttl
    set default 3600    (Range: 300 - 2764800 seconds)
end
The timeout for specific protocols can also be modified, as follows.
FGT # config system session-ttl
FGT (session-ttl) # config port
FGT (port) # edit 1
new entry '1' added
FGT (1) # set protocol
protocol    Enter an integer value from <0> to <255>.
FGT (1) # set protocol 1    <--- protocol 1 is ICMP. More protocol numbers can be found in related link.
FGT (1) # end
FGT (session-ttl) # end

FGT # show full-configuration system session-ttl
config system session-ttl
    set default 3600
    config port
        edit 1
            set protocol 1
            set timeout 300    <--- default is 300 seconds
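
The following is an added example, not Fortinet code: a small Python parser for saved `show full-configuration system session-ttl` output that checks the default against the range stated above and lists port entries whose idle timeout is longer than the default. The sample text is constructed (its closing `next`/`end` lines are assumed), and treating a longer-than-default timeout as a review item is an assumption of this example.

```python
import re

# Range for "set default" as stated in the article (seconds).
DEFAULT_MIN, DEFAULT_MAX = 300, 2764800

# Constructed sample modelled on the article's output; the closing
# next/end lines are assumed, since the article's listing stops early.
SAMPLE = """\
config system session-ttl
    set default 3600
    config port
        edit 1
            set protocol 1
            set timeout 300
        next
    end
end
"""

def parse_session_ttl(text):
    """Return (default_ttl, {entry_id: {setting: int}}) from CLI output."""
    default, entries, current, in_port = None, {}, None, False
    for raw in text.splitlines():
        line = raw.split("<---")[0].strip()   # drop article-style annotations
        if line == "config port":
            in_port = True
        elif in_port and (m := re.fullmatch(r"edit (\d+)", line)):
            current = entries.setdefault(int(m.group(1)), {})
        elif line == "next":
            current = None
        elif line == "end":
            in_port, current = False, None
        elif m := re.match(r"set (\S+) (\d+)\b", line):
            if current is not None:            # inside an "edit N" entry
                current[m.group(1)] = int(m.group(2))
            elif m.group(1) == "default":      # global idle timeout
                default = int(m.group(2))
    return default, entries

def audit(text):
    """List review items for a session-ttl configuration."""
    default, entries = parse_session_ttl(text)
    if default is None:
        return ["no 'set default' line found"]
    findings = []
    if not DEFAULT_MIN <= default <= DEFAULT_MAX:
        findings.append(f"default {default} outside {DEFAULT_MIN}-{DEFAULT_MAX}")
    for eid, cfg in sorted(entries.items()):
        if cfg.get("timeout", 0) > default:    # assumed review policy
            findings.append(f"port entry {eid}: timeout {cfg['timeout']} > default")
    return findings
```
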