Description
This article describes the default session timeout value (session-ttl) on a FortiGate device.
Solution
FortiGate keeps an idle session in its session table for a specific time. The default value of session-ttl is 3600 seconds, and it can be modified.
FGT # show full-configuration system session-ttl
config system session-ttl
    set default 3600 (Range: 300 - 2764800 seconds)
end
The timeout for a specific protocol can also be set separately, as follows.
FGT # config system session-ttl
FGT (session-ttl) # config port
FGT (port) # edit 1
new entry '1' added
FGT (1) # set protocol
protocol Enter an integer value from <0> to <255>.
FGT (1) # set protocol 1 <--- protocol 1 is ICMP. More protocol numbers can be found in the related link.
FGT (1) # end
FGT (session-ttl) # end
FGT # show full-configuration system session-ttl
config system session-ttl
    set default 3600
    config port
        edit 1
            set protocol 1
            set timeout 300 <--- default is 300 seconds
        next
    end
end
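For auditing a saved configuration, the following added example (not Fortinet code) parses the show output above, checks the default against the range stated in this article, and reports which idle timeout applies to a protocol number. The function names and the sample text are constructed for illustration, and the lookup assumes entries are matched on protocol number only, which is all the entry in this article sets.

```python
import re

# Range for "set default", in seconds, as stated in the article.
TTL_MIN, TTL_MAX = 300, 2764800

# Constructed sample in the shape of the article's show output.
SAMPLE = """\
config system session-ttl
    set default 3600
    config port
        edit 1
            set protocol 1
            set timeout 300
        next
    end
end
"""

def parse_session_ttl(text):
    """Return (default_ttl, {entry_id: {setting: value}})."""
    default, entries, current, in_port = None, {}, None, False
    for raw in text.splitlines():
        line = raw.split("<---")[0].strip()  # drop article-style annotations
        if line == "config port":
            in_port = True
        elif in_port and (m := re.match(r"edit (\d+)$", line)):
            current = entries.setdefault(int(m.group(1)), {})
        elif line in ("next", "end"):
            current = None                   # entry closed
            in_port = in_port and line == "next"
        elif m := re.match(r"set (\S+) (\S+)", line):
            key, value = m.groups()
            if current is not None:
                current[key] = value         # setting inside an "edit" entry
            elif not in_port and key == "default":
                default = int(value)
    return default, entries

def default_in_range(default):
    """True when the default TTL lies inside the documented range."""
    return default is not None and TTL_MIN <= default <= TTL_MAX

def effective_timeout(default, entries, protocol):
    # Assumed match rule: first entry with this protocol number, else the default.
    for settings in entries.values():
        if settings.get("protocol") == str(protocol) and "timeout" in settings:
            return int(settings["timeout"])
    return default
```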
Related Links:
Protocol Numbers