| Description |
This article describes how to set up different idle timeout values for FortiGate and FortiProxy administrators. |
| Scope | FortiGate. |
| Solution |
The idle timeout is the amount of time an administrator can stay logged into the Fortigate without any activity. By default, FortiGate/FortiProxy applies the global idle-timeout value, which can be found under System -> Settings -> Idle timeout for all administrators.
In the CLI:
config system global set ? admintimeout Number of minutes before an idle administrator session times out (1 - 480 minutes (8 hours), default = 5). A shorter idle timeout is more secure. set admintimeout
However, this value can be overridden on a per-admin basis. This can be done by applying a custom admin profile for the administrator to override the setting.
In the CLI:
config system accprofile edit <profile_name> set admintimeout-override <Enable / Disable> <----- enable: Enable overriding the global administrator idle timeout/ disable: Disable overriding the global administrator idle timeout. set admintimeout <admintimeout> <---- admintimeout: Enter an integer value from <1> to <480> or (special = <0>) (default = <10>). 0 means the user will never time out. end
Related document: |
