IPsec/SSL VPN

Expand all | Collapse all

Disconnecting user if he have Idle time on forticlient vpn tunnel

  • 1.  Disconnecting user if he have Idle time on forticlient vpn tunnel

    Posted Mar 17, 2021 12:00 PM
    Hello,
    I have a question, is it possible if i use (vpn forticlient) with the standard settings (disconnecting the connection after e.g. 8 hours), detect idle time not disconnect on set time??
     i mean if  the user is not using the tunnel and has a laptop running, is it possible to disconnect the remote session if it is inactive? just like sslvpn via www, there you can set that after 30 seconds of inactivity we disconnect the connection.
    The question is whether this can be done when using the vpn forticlient? discennect user if he is inactive in forticlient vpn?

    thank you in advance
    Regards, Przemek

    ------------------------------
    Przemys?aw
    IT Systems Administrator
    ------------------------------


  • 2.  RE: Disconnecting user if he have Idle time on forticlient vpn tunnel

    Posted Mar 18, 2021 08:28 AM
    I think you might be looking for this: 

    https://kb.fortinet.com/kb/documentLink.do?externalID=FD39435
    https://kb.fortinet.com/kb/documentLink.do?externalID=FD48372

    The 8 hours timeout is for authentication. User is disconnected even he is active. Idle timeout is a different timer:

    config vpn ssl settings

    [...]
    set idle-timeout 300 (5 minutes)
    set auth-timeout 28800 (8 hours)
    [...]

    end