Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Anyconnect Timeout

Unanswered Question
Jul 24th, 2008
User Badges:

ASA 5510 v8.0(3)

Anyconnect v2.2

Pretty simple setup, just a single group policy that has the Idle timeout set to 60 minutes.

Testing it out, I connect with the anyconnect client and I can see session via the ASDM monitoring section and watch as the idle timer runs down on both the "clientless" and the "SSL-Tunnel" - once the timer runs out, the ssl-tunnel is dropped, but the anyconnect client remains up. Is this by design? I was under the impression that when the idle time runs out, the session itself, no matter what the client, it's dropped. Doesn't seem to be the case..

Anyone else experienced this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hadbou Wed, 07/30/2008 - 10:54
User Badges:
  • Bronze, 100 points or more

A user can lose connectivity for an extended period of time and still be able to have the client automatically resume the connection, as long as the security appliance has not logged the session off. In addition, a VPN session can now be retained during a hibernate/standby condition. This does not require any configuration changes; it is automatically enabled. The VPN tunnel might be dropped if the hibernation/sleep time exceeds the idle connection timeout or session timeout configured on the security appliance. You can also restrict this feature by setting the idle session timeout to a low value.


This Discussion