Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tdhaslett
New Contributor

IPSec VPN 2fa Timeout Settings

Hi All,

Is there a way to enforce a timeout on the 2fa authentication period?

We are required to enforce refreshing of 2fa authentication every 24 hours to maintain certification while working remotely. I have not found a way to set this in our Fortigate 200D. I am fine with setting a timeout on the VPN connection itself, thereby forcing a refresh of 2fa.

Also, I would prefer a session timeout rather than an inactivity timeout, if possible.

 

Thanks!

Tim

1 REPLY 1
Toshi_Esumi
SuperUser
SuperUser

The first thing I found in my Internet search was my own post about idle timeout on this forum two years ago.

https://forum.fortinet.com/tm.aspx?m=159981

I don't see other timeout setting in IPsec phase1 config.  Probably auth server side including 2Factor auth doesn't have a mechanism to kill the VPN once it's successfully authorized.

 

If it were SSL VPN, you could set the session timemout to drop the connection as you wanted.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors