Feature Request: RDP / VPN Idle Timeout based on utilization

Hey Folks,

Right now we have Idle Timeouts on VPN and RDP connections, but the 'idle' portion seems very black & white. If the system is doing standard overhead over the connection, the link is not considered idle and will not time out, even if the connecting person is just drinking coffee all day.

While that is great for a few hours or so, some kind of limiter we can set would be great. For example, if the connection doesn't show a certain % of utilization for a period of time, it is then considered Idle. So, two hours of just routine overhead and it shuts down, for example.

Thanks for listening, and if anyone has a solution to help emulate this, then please let me know!
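Added example, not part of the original post and not a WatchGuard feature or API: a sketch of the utilization-based idle rule requested above, run over periodic byte counters for one session. The link speed, the 0.1 % threshold, the two-hour window, the sample data and all names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Sample:
    ts: int           # seconds since the session started
    bytes_total: int  # cumulative rx+tx bytes counted for the session

def idle_cutoff(samples, link_bps, min_util_pct, idle_window_s):
    """Return the timestamp at which the session counts as idle, or None.

    Idle means: every sampling interval in a continuous span of at least
    idle_window_s seconds stayed below min_util_pct of link_bps.
    """
    low_since = None
    for prev, cur in zip(samples, samples[1:]):
        dt = cur.ts - prev.ts
        delta = cur.bytes_total - prev.bytes_total
        if dt <= 0 or delta < 0:
            low_since = None  # counter reset or clock glitch: restart the window
            continue
        util_pct = (delta * 8 / dt) / link_bps * 100
        if util_pct >= min_util_pct:
            low_since = None  # real use seen, so the idle window starts over
            continue
        if low_since is None:
            low_since = prev.ts
        if cur.ts - low_since >= idle_window_s:
            return cur.ts
    return None

def constructed_session(active_s, total_s, step=300):
    """CONSTRUCTED data: 3 MB per step while in use, then 15 KB per step of overhead."""
    samples, total = [Sample(0, 0)], 0
    for ts in range(step, total_s + step, step):
        total += 3_000_000 if ts <= active_s else 15_000
        samples.append(Sample(ts, total))
    return samples

if __name__ == "__main__":
    # 10 Mbit/s link, 0.1 % threshold, two-hour window (all assumed values)
    session = constructed_session(active_s=3600, total_s=4 * 3600)
    print(idle_cutoff(session, 10_000_000, 0.1, 7200))
```

A plain "any traffic resets the timer" rule would never fire on this constructed session, because the overhead bytes keep arriving in every interval.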



  • james.carson Moderator, WatchGuard Representative

    Hi @Bear_W

    What VPN are you using when this occurs?

    For mobile VPN, modern client computers are usually very chatty and send traffic over the VPN quite a bit.

    For site to site VPNs, the firewall will idle an unused connection with it up until the tunnel expiration time, and then drop it. If the default of 8 hours is too long, I'd suggest reducing it. Keep in mind that this will trigger a tunnel rekey, which can cause hiccups in sensitive applications like VoIP or RDP.

    -James Carson
    WatchGuard Customer Support
