Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
handiansudianto
Collaborator

VPN Idletime

Hello,

Can we exclude some users so when they connected to the VPN the user no need to reauthenticate?

What we facing for now after some hours the VPN connected, they must fill the credential again.

0 Kudos
2 Replies
the_rock
Legend
Legend

I know thats global setting and you can set it in guidbedit, but I dont believe its possible to exclude specific users from it, but maybe TAC can confirm 100% for you.

Best regards,

Andy

0 Kudos
the_rock
Legend
Legend

To clarify my first response, 2 things I was referring to are bit different. Global properties is to re-authenticate every so often and second one is disconnect after being idle for so long.

Andy

1 -> https://community.checkpoint.com/t5/Remote-Access-VPN/Increase-VPN-Re-authentication-Timeout/td-p/83...

2 ->

To configure tunnel idleness:

1. Connect to the Security Management Server with GuiDBedit.

2. Open the Global Properties > properties > firewall_properties object.

3. Find disconnect_on_idle and these parameters:

  • do_not_check_idleness_on_icmp_packets

  • do_not_check_idleness_on_these_services - Enter the port numbers for the services that you want to ignore when idleness is checked.

  • enable_disconnect_on_idle - to enable the feature

  • idle_timeout_in_minutes

4. Save and install the policy.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events