Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Anyconnect Timeout

ASA 5510 v8.0(3)

Anyconnect v2.2

Pretty simple setup, just a single group policy that has the Idle timeout set to 60 minutes.

Testing it out, I connect with the anyconnect client and I can see session via the ASDM monitoring section and watch as the idle timer runs down on both the "clientless" and the "SSL-Tunnel" - once the timer runs out, the ssl-tunnel is dropped, but the anyconnect client remains up. Is this by design? I was under the impression that when the idle time runs out, the session itself, no matter what the client, it's dropped. Doesn't seem to be the case..

Anyone else experienced this?

1 REPLY
Bronze

Re: Anyconnect Timeout

A user can lose connectivity for an extended period of time and still be able to have the client automatically resume the connection, as long as the security appliance has not logged the session off. In addition, a VPN session can now be retained during a hibernate/standby condition. This does not require any configuration changes; it is automatically enabled. The VPN tunnel might be dropped if the hibernation/sleep time exceeds the idle connection timeout or session timeout configured on the security appliance. You can also restrict this feature by setting the idle session timeout to a low value.

547
Views
0
Helpful
1
Replies
CreatePlease to create content