Has anyone been able to get SSL VPN and idle timeout to work on an ASA?
I have an ASA5520 and I have setup different clinics to use a SSL VPN to connect. I can't get the idle timeout to timeout. I have the correct parameters set but it won't disconnect (I left my PC connected overnight, it was still connected in the morning, without any applications running on the PC).
Emailed my Cisco SE and he stated âI did check the TAC database and it appears that the idle timeout does not work correctly for SSL VPN's.â
Does anyone have an ASA that has SSL VPNs that the idle timeout works, session timeout works OK.
Re: Has anyone been able to get SSL VPN and idle timeout to work
The obvious solution would be to configure the vpn-idle-timeout function to some arbitrarily large figure. Can you go to your server and make sure for the group and user under Interface Configuration> Radius (Cisco VPN) that CVPN3000-Authenticated-User-Idle-Timeout is unchecked for group and user. Another good test would be to create a user on the ASA and associate that user to the group while having configured.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...