cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2534
Views
0
Helpful
3
Replies

Controlling time of Remote Access VPN connection

rafaelpetter
Level 1
Level 1

Hi,

can you tell me if its possible to control the amount of time of the VPN client connection after the connection in Cisco ASA 5520?

ACL by time is one solution but its not scalable due to the fixed time that the user will need to connect.

Regards,

Rafael Petter

3 Replies 3

slmansfield
Level 4
Level 4

Yes, you can configure a maximum connect time.

Configuring the Maximum Connect Time

Specify the maximum user connection time in minutes, or enter none to allow unlimited connection time and prevent inheriting a value for this attribute. At the end of this period of time, the adaptive security appliance terminates the connection.

The range is 1 through 35791394 minutes. There is no default timeout. To allow an unlimited timeout period, and thus prevent inheriting a timeout value, enter the vpn-session-timeout command with the none keyword. To remove the attribute from the running configuration, enter the no form of this command.

hostname(config-username)# vpn-session-timeout {minutes | none}

hostname(config-username)# no vpn-session-timeout

hostname(config-username)# 

The following example shows how to set a VPN session timeout of 180 minutes for the user named anyuser:

hostname(config)# username anyuser attributes

hostname(config-username)# vpn-session-timeout 180

hostname(config-username)# 

I'll try again to paste the configuration.  I cannot see it in the prior post.

hostname(config-username)# vpn-session-timeout {minutes | none}
hostname(config-username)# no vpn-session-timeout

hostname(config)# username anyuser attributes
hostname(config-username)# vpn-session-timeout 180
hostname(config-username)#

The command can also be applied to a group, which is probably more useful to you.

hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# vpn-session-timeout 180

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: