How to disconnect dialup IPSEC VPN session ?

LPO59 · ‎02-27-2025

Hi,

As a replacement for SSL VPN for remote users, we have implemented IP SEC dialup.
Users connect with forticlient. Everything works fine.
However, I would like to be able to force the disconnection of sessions after a set time (i.e. 12 hours), even if traffic is generated.

I have not been able to test any functional solutions.
Do you have any idea how to do this?

funkylicious · ‎02-27-2025

hi,

maybe this article could help, https://community.fortinet.com/t5/FortiGate/Technical-Tip-Hard-timeout-for-Dialup-IPSEC-VPN-Tunnel/t...

"jack of all trades, master of none"

View solution in original post

funkylicious · ‎02-27-2025

hi,

maybe this article could help, https://community.fortinet.com/t5/FortiGate/Technical-Tip-Hard-timeout-for-Dialup-IPSEC-VPN-Tunnel/t...

"jack of all trades, master of none"

LPO59 · ‎02-28-2025

Thanks @funkylicious,

That works for me.
With the reauth enable, Forticlient disconnects when the key lifetime expires.

kawarko1 · ‎02-27-2025

Just disable the tunnel interface on the network interfaces tab and the tunnel won't be to form the tunnel. This would work depending on your configuration and who you want to block out temporarily.

How to disconnect dialup IPSEC VPN session ?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website