Pretty simple setup, just a single group policy that has the Idle timeout set to 60 minutes.
Testing it out, I connect with the anyconnect client and I can see session via the ASDM monitoring section and watch as the idle timer runs down on both the "clientless" and the "SSL-Tunnel" - once the timer runs out, the ssl-tunnel is dropped, but the anyconnect client remains up. Is this by design? I was under the impression that when the idle time runs out, the session itself, no matter what the client, it's dropped. Doesn't seem to be the case..
A user can lose connectivity for an extended period of time and still be able to have the client automatically resume the connection, as long as the security appliance has not logged the session off. In addition, a VPN session can now be retained during a hibernate/standby condition. This does not require any configuration changes; it is automatically enabled. The VPN tunnel might be dropped if the hibernation/sleep time exceeds the idle connection timeout or session timeout configured on the security appliance. You can also restrict this feature by setting the idle session timeout to a low value.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :