I have some users going through an 5520, and their session gets dropped at some point in the evening, rather than staying active until they disconnect. The config is set for:
What is the difference in these 2? Does one override the other? Looking at these settings, I would think the session would drop after 30 minutes of inactivity, however, in another firewall, the config is set to:
and they don't ever get dropped.
Any suggestions? I need the vpn in the first config to not timeout overnight. Thanks, Tony
vpn-idle-timeout 30 = the amount of time the vpn connection is idle ie. no activity seen on the tunnel, before it is disconnected
vpn-session-timeout 900 = the amount of time the VPN tunnel is allowed to stay up regardless of whether there is activity or not.
Both times are in minutes. So setting vpn-session-timeout to none as on the other device means the session time is unlimited.