Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Geezertronic
New Contributor

session-ttl - change to 28800 seconds (8 hours)

Hi.  The default session-ttl setting is 3600 seconds (1 hour).  Are there any disadvantages to increasing this to 28800 seconds (8 hours)?  Our application team are insisting we change the ttl because their app cannot perform keep-alives and I realise that this will mean that the number of sessions kept open on the firewall will increase and possibly affect performance but is there anything else?  Also is there a Fortinet TID that contains disadvantages of an increased TTL?

 

Firewall is a VDOM on an 800D

1 REPLY 1
hubertzw
Contributor III

For limited number of policies is fine. I have similar case and I don't have any problems. You shouldn't change it globally only per policy to avoid keeping sessions which could be terminated.

Labels
Top Kudoed Authors