Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tsvikrn
New Contributor

VPN SSL idle-timeout vs auth-timeout

Hi

Can somebody explain the difference between idle-timeout and auth-timeout in vpn ssl settings?

I've seen the help page but I don't seem to understand how is the end result any different between the two.

Thanks

2 REPLIES 2
srajeswaran_FTNT

 

 

Idle Timeout: The idle-timeout is period of time in seconds that the SSL VPN will wait before timing out.

Auth-Timeout : The auth-timeout is period of time in seconds that the SSL VPN will wait before re-authentication is enforced.

 

Now lets say, Idle Timeout is 10 Minutes and Auth Timeout is 5 minutes.

 

The SSL connections logs out at 5 minutes irrespective of the traffic through SSL. Even if SSL is not idle, due to the auth-timeout value of 5 minutes, user will have to authenticate again.

 

For the reverse values,  Idle Timeout is 5 Minutes and Auth Timeout is 10 minutes.

Lets says the user is connected but there is no traffic through tunnel for 5 minutes, tunnel will go down. If the user is connected and tunnel is not idle, tunnel will go down only after 10 minutes.

 

 

Ref: https://kb.fortinet.com/kb/documentLink.do?externalID=FD39435

Ref: https://kb.fortinet.com/kb/documentLink.do?externalID=FD37221

 

Regards,

Suraj

tsvikrn

Thanks