Created on
07-01-2015
07:42 PM
Edited on
08-21-2024
06:55 AM
By
Stephen_G
Description
This article describes what is the meaning of 'admin-console-timeout 0'.
'An idle timeout has been added for FortiGate console sessions (admin sessions connecting to a FortiGate console port or USB port).
By default the console timeout is set to 0 and console sessions will never timeout'.
So the console session can still be disconnected even if configuring 'admin-console-timeout 0'.
The value of '0' will make FortiGate consider the 'admintimeout' setting.
Scope
FortiGate
Solution
FortiGate (global) # show full-configuration | grep timeout
set admin-console-timeout 0 -> This counter is in seconds.
set admintimeout 1 -> This counter is in minutes.
set device-idle-timeout 300 -> This counter is in seconds.
set proxy-auth-timeout 300 -> This counter is in minutes.
set ldapconntimeout 500 -> This counter is in seconds.
set remoteauthtimeout 5 -> This counter is in seconds.
Example:
'admin-console-timeout' is set as 0 s.
'admintimeout' is set as 1 min.
'admin-console-timeout' is allowed to be configured in the range of 15-300 seconds from the CLI.
FortiGate (global) # show full-configuration | grep timeout
set admin-console-timeout 20
set admintimeout 1
set explicit-proxy-auth-timeout 300
set ldapconntimeout 500
set remoteauthtimeout 5
'admin-console-timeout' is configured as 20 seconds in this example.
This is intended to lower the timeout for a console session to a matter of seconds.
To extend the session duration past the maximum configurable value of 300, then this setting should be disabled (0), and the duration in this case will be given by the admintimeout value, in minutes.
admintimeout -> Enter an integer value from <1> to <480> (default = <5>). -> This counter is in minutes.
Values minutes/seconds are described here: