Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
the_rock
Legend
Legend

Timeout/reauthentication VPN endpoint client

Im sorry if this was asked before, but customer asked me this and Im not sure if its possible. So, in global properties, you can set timeout for users to re-authenticate, but customer was wondering, if we set that timeout to 8 hours, can we set anywhere that vpn disconnects them if they are inactive for say 40 minutes? I see some settings there for it, but does not let you choose the time.

 

So essentially, timeout to 8 hours and inactivity timeout to 40 minutes?

 

Not sure if this can be done in trac_client_1.ttm file on the gateway?

0 Kudos
2 Replies
Timothy_Hall
Champion
Champion

I don't believe this is possible, as the various timers follow the SA Lifetimes which are absolute values and not impacted by activity to ensure the keys are changed on a regular basis.

Watch My 2023 CPX360 Speech Titled "Max Power
Reloaded: R81+ Gateway Performance Innovations"
0 Kudos
the_rock
Legend
Legend

Thanks Tim...I did not think so either, but I thought maybe its possible in fw .ttm file. I may open official TAC case for this, if customer asks me though.