Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Dmitriy_Chazov
Contributor

(R80.10)How do I disable a single user session

Hello everybody.
How to disable a separate user session when the user logs in and works. But is it necessary to reset its session now? It is possible R80.10?

3 Replies
Vladimir
Champion
Champion

If you are talking about VPN session, you can either do this:

You'll have to do it via CLI:

SSH into your appliance and authenticate using same username and password you've setup in WebUI.

If Expert mode password is not set up yet, do so.

change mode to "Expert":

 

drawbridge> expert
Enter expert password:

You are in expert mode now.

[Expert@drawbridge]#

 

then use commands in bold to see the connected users, execute vpn management via "vpn tu" and select an option, by pressing corresponding # to either see or delete the session, it will be 1 or 3 to list and 8 to delete:

 

[Expert@drawbridge]# pep show user all
Trying to run main_pep
Command: root->show->user->all
ID (PDP; UID) Username@Machine CID (IP, PacketID) PT
====================================================================================================
127.0.0.1 :00000000; 24497579 Vladimir 172.16.10.1 , 00000000 -

[Expert@drawbridge]# vpn tu

********** Select Option **********

(1) List all IKE SAs
(2) List all IPsec SAs
(3) List all IKE SAs for a given peer (GW) or user (Client)
(4) List all IPsec SAs for a given peer (GW) or user (Client)
(5) Delete all IPsec SAs for a given peer (GW)
(6) Delete all IPsec SAs for a given User (Client)
(7) Delete all IPsec+IKE SAs for a given peer (GW)
(8) Delete all IPsec+IKE SAs for a given User (Client)
(9) Delete all IPsec SAs for ALL peers and users
(0) Delete all IPsec+IKE SAs for ALL peers and users

(Q) Quit

*******************************************

1

Peer 172.16.10.1, user md5 19647299870406a7:

1. IKE SA <a7248af8edb55d16,33e37a972cdc151d>:

 

Hit <Enter> key to continue ...

8

Enter IP of peer (format: xxx.xxx.xxx.xxx): 172.16.10.1

Enter peer name (for users):Vladimir

Hit <Enter> key to continue ...

********** Select Option **********

(1) List all IKE SAs
(2) List all IPsec SAs
(3) List all IKE SAs for a given peer (GW) or user (Client)
(4) List all IPsec SAs for a given peer (GW) or user (Client)
(5) Delete all IPsec SAs for a given peer (GW)
(6) Delete all IPsec SAs for a given User (Client)
(7) Delete all IPsec+IKE SAs for a given peer (GW)
(8) Delete all IPsec+IKE SAs for a given User (Client)
(9) Delete all IPsec SAs for ALL peers and users
(0) Delete all IPsec+IKE SAs for ALL peers and users

(Q) Quit

*******************************************

1

 

Hit <Enter> key to continue ...

Or this:

If it is a VPN session you are trying to reset, go to "Users" in SmartView Monitor, otherwise, go to "Tools", "Suspicious Activity Rules...":

Chose the gateway and define a rule for the service you want to interrupt with the expiration time in a few minutes:

0 Kudos
Dmitriy_Chazov
Contributor

No, I'm talking about user sessions that go on the Internet.

0 Kudos
Vladimir
Champion
Champion

Then use the "Suspicious Activity Rule" from the post above.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events