Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

VPN Client Time Restrictions

I am looking for a way to disconnect active client VPN users from either an ASA or Pix(6.3(5) code) when they reach their restricted hours. I am using ACS 4.0 and Tacacs+ to restrict time, but it won't kick off after users.

Any insight would be appreciated.

1 REPLY
Cisco Employee

Re: VPN Client Time Restrictions

Hi,

How about the max-time options under the VPN Group.

The vpngroup max-time command sets the maximum connection time for a Cisco VPN 3000 Client. When the maximum connection time is reached for a given VPN client or Easy VPN Remote device, the tunnel is terminated. This means the connection between the Cisco VPN 3000 Client and the PIX Firewall will have to be reestablished. The default maximum connection time is set to an unlimited amount of time.

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/tz.html#wp1099471

Regards,

Arul

*Pls rate if it helps*

267
Views
0
Helpful
1
Replies
CreatePlease to create content