Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Idle-timeout

We have ASA5550, Active Directory, and RADIUS server. How do you setup idle-timeout? I want to disconnect the computer after 2 hours of inactivity.

Diane

Thanks.

5 REPLIES

Re: Idle-timeout

If for VPN clients, you can do this.

group-policy attributes

vpn-idle-timeout 60

the above would be timeout of 60 minutes

http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/uz.html#wp1551655

HTH

Jorge

New Member

Re: Idle-timeout

Jorge,

Thanks very much for your prompt response and information. I setup the idle timeout for 5 minutes. I waited for 10 minutes and the VPN client is still connecting. Do I need to configure anything on the RADIUS server? Do you have any suggestions?

Thanks.

Diane

Re: Idle-timeout

Are you sure the client is indeed iddle , it is possible there is still traffic goint through the RA client can you see the logs and confirm.. I do not believe there is anything in RADIUS to setup in terms of client inactivity.. it is settings in the tunnel itself.

Rgds

Jorge

New Member

Re: Idle-timeout

Thanks for your prompt response. I left the client running. I do not touch the keyboard and mouse. I do not have any applications or Internet Explorer running. The client is Windows Vista. Where do I look at the logs for traffic activity? Do I also need to setup idle timeout in Split Tunnel? Please let me know if you have any other suggestions.

Thanks.

Diane

New Member

Re: Idle-timeout

You are correct. The "isakamp keepalive" was disabled. Once it is enabled, the idle-timeout is working. However, if I enable "isakamp keepalive", my Load Balancing is not working. The VPN client only goes to one ASA box. When the second VPN client connects to the second ASA box, the VPN client never connects and got the error message "Reason 433: Reason not specified by Peer". Do you have any other suggestions?

Thanks.

Diane

173
Views
0
Helpful
5
Replies
CreatePlease to create content