Hot!SSL VPN Timeout

Author
SecurityPlus
Gold Member
  • Total Posts : 419
  • Scores: 4
  • Reward points: 0
  • Joined: 2014/08/11 18:41:34
  • Status: offline
2020/04/07 16:07:37 (permalink)
0

SSL VPN Timeout

Office staff are reporting that the SSL VPN sessions all timeout after approximately 8hrs. How can I either lengthen that time or disable the timeout? They would like to set this to stay connected for 3 days (36 hrs) though we will ask users to log out at the end of their workday. They sometimes work over 8 hrs. a day.
 
Running FortiOS 6.0.9 on a FortiGate 60E.
 
I went into the CLI and entered the following commands:
config vpn ssl settings
set auth-timeout 259200
 
It appears that this should set the timeout in seconds giving them 36 hrs. before disconnection. They still get disconnected after 8 hrs. Also, when I search the configuration backup for "set auth-timeout" or for "259200" I can't find the setting that I thought that I added. Am I doing something wrong?
 
 

FWF30E, FG40F, FG50E, FWF50E, FG60D, FWF60D, FG60E, FG60F, FG80E, FG100D
FortiOS 5.2, 5.4, 5.6, 6.0, 6.2, and 6.4
FortiSwitch FS-224E-POE, FS-124E-POE
FAP-221E, FAP-224E, FAP-221C
#1

6 Replies Related Threads

    SEI
    New Member
    • Total Posts : 9
    • Scores: 4
    • Reward points: 0
    • Joined: 2017/08/23 07:13:24
    • Location: Switzerland
    • Status: offline
    Re: SSL VPN Timeout 2020/04/07 23:52:17 (permalink)
    0
    Hello 
     
    I have set these 2 Parameters to solve the problem:
     
    set idle-timeout {integer}   SSL VPN disconnects if idle for specified time in seconds. range[0-259200]
    set auth-timeout {integer}   SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout). range[0-259200]
     
    Sini
    #2
    ShawnZA
    Silver Member
    • Total Posts : 96
    • Scores: 11
    • Reward points: 0
    • Joined: 2018/04/02 23:31:22
    • Location: Cape Town
    • Status: offline
    Re: SSL VPN Timeout 2020/04/08 00:13:59 (permalink)
    0
    Its the set auth-timeout setting, the default is on 8 hours.(28800 seconds)
    #3
    SecurityPlus
    Gold Member
    • Total Posts : 419
    • Scores: 4
    • Reward points: 0
    • Joined: 2014/08/11 18:41:34
    • Status: offline
    Re: SSL VPN Timeout 2020/04/08 08:00:04 (permalink)
    0
    Thanks everyone!
     
    I think that I see what I was doing wrong.
     
    After entering:
    config vpn ssl settings
    set auth-timeout 259200
     
    I did not type "end". I simply closed the CLI interface.
    I presume that not typing end caused it not to save the setting.

    FWF30E, FG40F, FG50E, FWF50E, FG60D, FWF60D, FG60E, FG60F, FG80E, FG100D
    FortiOS 5.2, 5.4, 5.6, 6.0, 6.2, and 6.4
    FortiSwitch FS-224E-POE, FS-124E-POE
    FAP-221E, FAP-224E, FAP-221C
    #4
    suthomas1
    Silver Member
    • Total Posts : 80
    • Scores: 0
    • Reward points: 0
    • Joined: 2014/05/07 06:08:23
    • Status: offline
    Re: SSL VPN Timeout 2020/04/08 18:10:20 (permalink)
    0
    Correct, "end" needs to be typed for saving the config.
    #5
    Roy_CHFR
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/04/21 04:39:32
    • Status: offline
    Re: SSL VPN Timeout 2020/04/21 05:43:15 (permalink)
    0
    It  looks like you used the correct commands.  They appear to be exactly as I did them.

    1 : config vpn ssl settings
        ( Update/show/change SSL settings)

    2 : set auth-timeout 42200
         (We set ours to around 12 hours )

    3 : show  
       (Just to be sure that the param was taken into account)
     
    4: End 
        (Save the config)

    Nothing else necessary for us.  Do a Show Config and verify that the param was indeed saved.

    After that the next SSL connection will timeout after the period you want.


    #6
    mlynch1958
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/03/11 13:37:21
    • Status: offline
    Re: SSL VPN Timeout 2021/04/29 13:28:04 (permalink)
    0
    Can this be done in the GUI? Where?
    #7
    Jump to:
    © 2021 APG vNext Commercial Version 5.5