ssl vpn timeout
Hello
We authenicate users against our AD
One of our users want's the timeout increasing and dispite mutilple tries it still seems to be set to around 8 hours.
What is the correct way for increasing this timeout as nothing I have changed on the firebox m270 has seemed to make any difference.
Any help is appreciated
Regards
Martin
0
Sign In to comment.
Comments
From the docs:
"The FireBox considers all authentication servers other than Firebox-DB as third-party authentication servers. To set the authentication timeout values when you use a third-party server for authentication, you must configure the settings in the third-party server portal."
Set Global Authentication Timeouts
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/authentication/global_auth_settings_c.html
So, see if this can be changed in the AD setting for this user.
Hi Bruce
These are the settings - I have tried to set it to a value of 0 but even with that the it times out.
Firewall Authentication
Timeout settings apply to users who authenticate to external, third-party authentication servers that do not already have a timeout configured. If you select a value of zero, a timeout does not occur.
Session Timeout
12
Hours
Idle Timeout
12
Hours
Login limits apply to all users. If you specify a different login limit in the user or group settings, that limit takes precedence over this global setting.
Allow unlimited concurrent firewall authentication logins from the same account
Limit concurrent user sessions to
1
So I don't know if the issue is elsewhere (maybe in our AD) if you have any idea where I need to look?
Regards
Martin
Sorry, no.
Consider opening a support case on this.
If you find a resolution, please post it.
Interestingly, years ago, there was no session timeout for a SSLVPN session - it could go on for days.
HI Bruce
I think I may have found it but no where in the guides it is
On the firewall if you go to Subscription Services> Access Portal then select user connection setting you will see the timeout is set to 8 hours and it says it applies to the SSL VPN
Regards
Martin
Hallo Martin,
does it help? i have the same issue now.
Thanks
https://community.watchguard.com/watchguard-community/discussion/4208/watchguard-saml-autologout-after-8-hours?utm_source=community-search&utm_medium=organic-search&utm_term=8+hour
Hello
Yes we changed the setting and no more timeouts