- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SSL VPN Timeout
Office staff are reporting that the SSL VPN sessions all timeout after approximately 8hrs. How can I either lengthen that time or disable the timeout? They would like to set this to stay connected for 3 days (36 hrs) though we will ask users to log out at the end of their workday. They sometimes work over 8 hrs. a day.
Running FortiOS 6.0.9 on a FortiGate 60E.
I went into the CLI and entered the following commands:
config vpn ssl settings
set auth-timeout 259200
It appears that this should set the timeout in seconds giving them 36 hrs. before disconnection. They still get disconnected after 8 hrs. Also, when I search the configuration backup for "set auth-timeout" or for "259200" I can't find the setting that I thought that I added. Am I doing something wrong?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
I have set these 2 Parameters to solve the problem:
set idle-timeout {integer} SSL VPN disconnects if idle for specified time in seconds. range[0-259200]
set auth-timeout {integer} SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout). range[0-259200]
Sini
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Its the set auth-timeout setting, the default is on 8 hours.(28800 seconds)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks everyone!
I think that I see what I was doing wrong.
After entering:
config vpn ssl settings set auth-timeout 259200
I did not type "end". I simply closed the CLI interface.
I presume that not typing end caused it not to save the setting.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Correct, "end" needs to be typed for saving the config.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It looks like you used the correct commands. They appear to be exactly as I did them. 1 : config vpn ssl settings ( Update/show/change SSL settings) 2 : set auth-timeout 42200 (We set ours to around 12 hours )
3 : show (Just to be sure that the param was taken into account)
4: End (Save the config) Nothing else necessary for us. Do a Show Config and verify that the param was indeed saved. After that the next SSL connection will timeout after the period you want.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can this be done in the GUI? Where?