Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Lucas_Correia
New Contributor

Created on ‎03-08-2018 02:22 PM

Session expires lower than session duration

Hi, 

 

My question is, is there a way to disconnect a session after a specific period of time, whether they are idle or not. For example, we have sessions from the fortigates to my Fortianalyzer, using the port TCP/514, that never expires.

I already tried set config system session-ttl on this port but it never expires. 

 

Running v5.4.8,build1183 (GA) on FGT 60D;

 

--Lucas

Labels:
3009
0 Kudos
2 REPLIES 2
EMES
Contributor

Created on ‎03-09-2018 06:18 AM

Create a new service in the CLI you can set the session timeout per service and some other options.

try the commands below : 

 

config firewall service custom

edit testservice

set ?

1484
0 Kudos
EMES
Contributor
In response to EMES

Created on ‎03-09-2018 06:20 AM

Although you did mention where they are idle or not which is not possible. I will say you can probably do something with the timeouts , make them really short on that one service as opposed to doing it for the entire firewall.

 

1484
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.