VPN Mobile User - session requires authentication after 4 hours
Hello,
I have a FireboxV-SM running OS 12.10.1. All Mobile SSL VPN users need to re-authenticate after 4 hours. Is there a way I can increase this value? This is related to Active Directory user accounts.
Mobile SSL VPN - Renegotiate Data Channel is set to 480 mins (8 hrs) and there's no timer for AD for this as far as I can tell?
Am I missing something?
Thanks!
Answers
Hi @vmoricky
I suppose the first place to start here would be the traffic monitor logs on your firebox. Do you see the firebox disconnecting the session in your logs?
If you don't see anything there, check the SSLVPN client logs (right click the SSLVPN icon, and go to view logs).
There are a number of things that can be causing connection resets, aside from the firebox itself.
If you need help interpreting logs, please consider opening a support case. If you decide to post them here, please ensure any public IP addresses are removed from your logs.
-James Carson
WatchGuard Customer Support
Hi @james.carson
I can see the disconnect logs when the timeout occurs. Here's the log from the Firebox itself:
2024-01-31 13:59:23 sslvpn Entering function sslvpn_client_event, event is 16777217
2024-01-31 13:59:25 sessiond Session Timeout has occured 2706 userId=vpn_user1
2024-01-31 13:59:25 firewall sess_event: Session event "Del" has no "UserMac" parameter
2024-01-31 13:59:25 sslvpn Entering function sslvpn_client_event, event is 2097153
2024-01-31 13:59:25 sslvpn Entering function sslvpn_client_event, event is 67108867
2024-01-31 13:59:25 sslvpn Received Session Status Change event, current state:0x0
2024-01-31 13:59:25 sslvpn Session delete event, entry->virtual_ip=virtual_ip, entry->real_ip=public_ip, dropin_mode=0
2024-01-31 13:59:25 sslvpn sslvpn_delete_user_session, delete entry, entry->virtual_ip=virtual_ip, dropin_mode=0
2024-01-31 13:59:25 sslvpn Mobile VPN with SSL user vpn_user1 logged off. Virtual IP address is virtual_ip.
2024-01-31 13:59:25 wrapper Unsupported event type for infinityd daemon
2024-01-31 13:59:25 sslvpn Disconnecting vpn session from public_ip:40854
2024-01-31 13:59:25 sessiond failed on wgapi_status_query(): xpath=/toSessionClient/delete session 2706
2024-01-31 13:59:25 sessiond Session deleted
2024-01-31 13:59:25 sessiond process status xpath /toSessiond/updateActivity
2024-01-31 13:59:25 sslvpn Receiving SIGCHLD from pid:6561, openvpn pid=2719, sslvpn_firecluster pid=2714
2024-01-31 13:59:25 sslvpn Entered in sslvpn_takeaddr
2024-01-31 13:59:25 sslvpn Arguments which needs to be sent:openvpn_del 7 0 1706705965
2024-01-31 13:59:25 sslvpn Going to open wgipc:
2024-01-31 13:59:25 sslvpn Success,Sending Data to sslvpn_firecluster:openvpn_del 7 0 1706705965
2024-01-31 13:59:25 sslvpn receive logout command for client virtual_ip
2024-01-31 13:59:25 sslvpn send session deletion request for client vip=virtual_ip OK
2024-01-31 13:59:25 sessiond process status xpath /toSessiond/delete
2024-01-31 13:59:25 sessiond NO existing session is found
On the client side (OpenVPN client) it simply states:
2024-01-31 13:59:26 Connection reset, restarting [-1]
2024-01-31 13:59:26 SIGUSR1[soft,connection-reset] received, process restarting
2024-01-31 13:59:26 MANAGEMENT: >STATE:1706531152,RECONNECTING,connection-reset,,,,,
2024-01-31 13:59:27 Restart pause, 1 second(s)
This is not specific to OpenVPN; it happens the same way for the Mobile SSLVPN client.
Any tips on where the session timeout might be configured?
Thank you!
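An added example (not part of the original posts, and not WatchGuard tooling): a short Python script that pairs the sessiond timeout line with the SSL VPN logoff line from the Firebox log quoted above, so each disconnect is attributed either to a sessiond session timeout or marked unknown. The function name, the 5-second correlation window and the sample subset are assumptions; the message formats are copied from the quoted log lines.

```python
import re
from datetime import datetime

# Constructed sample: a subset of the Firebox log lines quoted in the post above.
SAMPLE_LOG = """\
2024-01-31 13:59:23 sslvpn Entering function sslvpn_client_event, event is 16777217
2024-01-31 13:59:25 sessiond Session Timeout has occured 2706 userId=vpn_user1
2024-01-31 13:59:25 sslvpn Received Session Status Change event, current state:0x0
2024-01-31 13:59:25 sslvpn Mobile VPN with SSL user vpn_user1 logged off. Virtual IP address is virtual_ip.
2024-01-31 13:59:25 sslvpn Disconnecting vpn session from public_ip:40854
2024-01-31 13:59:25 sessiond Session deleted
"""

LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (\S+) (.*)$")
# "occured" is matched exactly as the device spells it in the log.
TIMEOUT = re.compile(r"Session Timeout has occured (\d+) userId=(\S+)")
LOGOFF = re.compile(r"Mobile VPN with SSL user (\S+) logged off")


def classify_logoffs(text, window_s=5):
    """Return one dict per SSL VPN logoff, saying whether a sessiond timeout
    for the same user was logged at most window_s seconds before it."""
    timeouts = {}  # user -> (timestamp, session id) of the latest sessiond timeout
    results = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank or non-log lines
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        daemon, msg = m.group(2), m.group(3)
        if daemon == "sessiond" and (to := TIMEOUT.search(msg)):
            timeouts[to.group(2)] = (ts, to.group(1))
        elif daemon == "sslvpn" and (lo := LOGOFF.search(msg)):
            user = lo.group(1)
            prev = timeouts.get(user)
            hit = prev is not None and 0 <= (ts - prev[0]).total_seconds() <= window_s
            results.append({
                "user": user,
                "time": ts,
                "trigger": "sessiond-timeout" if hit else "unknown",
                "session_id": prev[1] if hit else None,
            })
    return results


if __name__ == "__main__":
    for r in classify_logoffs(SAMPLE_LOG):
        print(r["time"], r["user"], r["trigger"], r["session_id"])
```

Run over a longer export, logoffs tagged `unknown` are the ones with no matching sessiond timeout line and need a different explanation.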
The client logs aren't really saying anything other than there was a disconnection - I'd suggest opening a support case if you haven't done so already.
-James Carson
WatchGuard Customer Support