Hello everybody.
How to disable a separate user session when the user logs in and works. But is it necessary to reset its session now? It is possible R80.10?
Hello everybody.
How to disable a separate user session when the user logs in and works. But is it necessary to reset its session now? It is possible R80.10?
If you are talking about VPN session, you can either do this:
You'll have to do it via CLI:
SSH into your appliance and authenticate using same username and password you've setup in WebUI.
If Expert mode password is not set up yet, do so.
change mode to "Expert":
drawbridge> expert
Enter expert password:
You are in expert mode now.
[Expert@drawbridge]#
then use commands in bold to see the connected users, execute vpn management via "vpn tu" and select an option, by pressing corresponding # to either see or delete the session, it will be 1 or 3 to list and 8 to delete:
[Expert@drawbridge]# pep show user all
Trying to run main_pep
Command: root->show->user->all
ID (PDP; UID) Username@Machine CID (IP, PacketID) PT
====================================================================================================
127.0.0.1 :00000000; 24497579 Vladimir 172.16.10.1 , 00000000 -
[Expert@drawbridge]# vpn tu
********** Select Option **********
(1) List all IKE SAs
(2) List all IPsec SAs
(3) List all IKE SAs for a given peer (GW) or user (Client)
(4) List all IPsec SAs for a given peer (GW) or user (Client)
(5) Delete all IPsec SAs for a given peer (GW)
(6) Delete all IPsec SAs for a given User (Client)
(7) Delete all IPsec+IKE SAs for a given peer (GW)
(8) Delete all IPsec+IKE SAs for a given User (Client)
(9) Delete all IPsec SAs for ALL peers and users
(0) Delete all IPsec+IKE SAs for ALL peers and users
(Q) Quit
*******************************************
1
Peer 172.16.10.1, user md5 19647299870406a7:
1. IKE SA <a7248af8edb55d16,33e37a972cdc151d>:
Hit <Enter> key to continue ...
8
Enter IP of peer (format: xxx.xxx.xxx.xxx): 172.16.10.1
Enter peer name (for users):Vladimir
Hit <Enter> key to continue ...
********** Select Option **********
(1) List all IKE SAs
(2) List all IPsec SAs
(3) List all IKE SAs for a given peer (GW) or user (Client)
(4) List all IPsec SAs for a given peer (GW) or user (Client)
(5) Delete all IPsec SAs for a given peer (GW)
(6) Delete all IPsec SAs for a given User (Client)
(7) Delete all IPsec+IKE SAs for a given peer (GW)
(8) Delete all IPsec+IKE SAs for a given User (Client)
(9) Delete all IPsec SAs for ALL peers and users
(0) Delete all IPsec+IKE SAs for ALL peers and users
(Q) Quit
*******************************************
1
Hit <Enter> key to continue ...
Or this:
If it is a VPN session you are trying to reset, go to "Users" in SmartView Monitor, otherwise, go to "Tools", "Suspicious Activity Rules...":
Chose the gateway and define a rule for the service you want to interrupt with the expiration time in a few minutes: