SSL VPN idle timouts

Unanswered Question
May 15th, 2009
User Badges:

I'm wondering how the ASA determines time out values for a SSL VPN connection. Specifically, what is the mechanism? If it looks at generated traffic through the connection, an end user could apply a persistant ping to keep the connection open. I thought I had read somewhere that the ASA has the ability to apply idle timeouts by checking mouse or keyboard input. Is this true? I do not want to set a max session timeout...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vmoopeung Thu, 05/21/2009 - 17:53
User Badges:
  • Bronze, 100 points or more

To set an idle timeout for individual users behind hardware clients, clear the Inherit check box and either check the Unlimited check box to specify that there is no idle timeout or specify a specific number of minutes. If there is no communication activity by a user behind a hardware client in the idle timeout period, the security appliance terminates the client's access.

For more information:

http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/selected_procedures/asdm_grp.html#wp1135938

Actions

This Discussion