This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ihenock101
Collaborator
‎2023-01-19 10:48 PM
Jump to solution

Checkpoint Remote Access SSL VPN and Capsule timeout

Hi All,

I'm writing in regards to configuring the remote SSL VPN on my Checkpoint gateway server. I have configured the server, and by default, the idle timeout when a client connects is set to 2 hours.

I would like to make two changes to this configuration:

1. Set the idle timeout value when a user connects

2. Set the time limit for when a user can connect

Please let me know if these changes are possible and what steps I need to take in order to implement them. I’ve attached the SSL extender screenshot. You can see that it starts with two hours and keeps counting down.

Regards,

Preview file
48 KB
0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2023-01-20 12:47 AM
In response to ihenock101
Jump to solution

You are using MAB Network Mode and need to configure it in Dashboard:

snx.jpg

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

(1)
5 Replies
G_W_Albrecht
Legend Legend
Legend
‎2023-01-19 11:32 PM
Jump to solution

We have to keep legacy SNX and MAB apart:

SNX sk77380 says: No, there is no idle session timeout for SNX.
That functionality does not currently exist in SNX. If you connect SNX, the only timeout is the re-authentication available under Global Properties-Remote Access-SSL Network Extender-More Advanced Settings

MAB sk176924: How to increase SNX session timeout

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
ihenock101
Collaborator
‎2023-01-20 12:02 AM
In response to G_W_Albrecht
Jump to solution

@G_W_Albrecht the re-authentication timeout value for the SNX in the global properties is 480 minutes however as you can see from the attachment the SNX shows 2 hour expiration time 

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-01-20 12:47 AM
In response to ihenock101
Jump to solution

You are using MAB Network Mode and need to configure it in Dashboard:

snx.jpg

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
(1)
ihenock101
Collaborator
‎2023-01-20 03:20 AM
In response to G_W_Albrecht
Jump to solution

@G_W_Albrecht Thanks a lot Sir. does it require a restart since it is in production evironment?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-01-20 06:21 AM
In response to ihenock101
Jump to solution

Publish and Policy Install should be enough for all new connections.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events