Hot!VPN idle timeout resetting

Author
gy14
New Member
  • Total Posts : 10
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/03/23 10:14:00
  • Status: offline
2020/09/02 12:50:32 (permalink)
0

VPN idle timeout resetting

I have a 200E, idle timeout for ssl vpn is the default of 300 seconds but it doesn't timeout end users at all.  The only KB i can find is
 
https://kb.fortinet.com/kb/documentLink.do?externalID=FD48372  
 
I followed the instructions, i have a windows 10 laptop with both SSDP and LLMNR disabled.  Packet capture still grabs what they state as the multicast traffic causing the issue.   "notice the traffic to multicast address 239.255.255.250"
 
Likewise i run the get vpn ssl and see the timeout decreasing but only for 30 seconds and then its reset to 299.
 
Am i on the right track that its multicast traffic that resets the timer?  if i've disabled SSDP n LLMNR what is still sending multicast  (no applications on here but forticlient)  anyone have experienced?
 
thoughts are appreciated.
 
EDIT: is it because i'm using a my domain DNS IP addresses.   is there a way around this?  don't i need local dns for internal applications & AD auth?
 
 
post edited by gy14 - 2020/09/02 13:02:13
#1

1 Reply Related Threads

    gy14
    New Member
    • Total Posts : 10
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/23 10:14:00
    • Status: offline
    Re: VPN idle timeout resetting 2020/12/02 10:32:57 (permalink)
    0
    This was confirmed with support.  basically idle timeouts don't work due to the constant need for dns / domain traffic.
     
    #2
    Jump to:
    © 2021 APG vNext Commercial Version 5.5