Cisco Support Community
Community Member

idle time and connections

We are running VPN in a PIX 515.

1. Idle Time

How can we configure so that the PIX can disconnect the connection that idle time is more than 10 minutes?

2. re-connection problems

I find if a VPN user shuts down his machine without clicking disconnect or the machine freezes and rebooting, the user may not be able to re-logon until a few hours later. How can we fix the problem.

3. Loogn ID

We add vpdn username and password in PIX for logon. Can all VPN users share one VPN logon ID and password? The reason I ask this question is because some times users logon using user1 ID do not work but it works if they change another logon ID like user2.

Community Member

Re: idle time and connections

1. As I understand it, the connection timer starts ticking after the connection goes idle. use timeout conn to adjust this to 10 mins. If you are trying to use the timer to force the user to re-authenticate, use timeout uauth (absolute) instead.

2. Check your PIX code version.. sounds like a bug.

3. you could user clear uauth instead of creating a new username.

It sounds like you might want to work with a tac rep to get this tweaked for your environment. And keep a support contract current on the PIX. You'll want to keep the code updated somewhat.

CreatePlease to create content