Session timeout when using Cisco Secure Access

msyk.oym · ‎10-15-2025

Is it possible to time out a user's session if they have not performed any operations for a certain period of time?

We use Cisco Secure Access in the following environment:

- The Internet is accessed from the branch office where the VPN router is installed via Cisco Secure Access.
- SSO authentication is enabled in the Internet access policy.
- In Configuration Management's SSO authentication, Re-authenticate Web Proxy Users is set to Daily.

Is it possible to time out a session for users who have not performed any operations for a certain period of time?
For example, time out the session if there has been no operation for 10 minutes.
Please let me know if there are any other settings that are necessary in Cisco Secure Access.

balaji.bandi · ‎10-15-2025

You can look at Secure VPN Access FAQ :

https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/116312-qanda-anyconnect-00.html#toc-hId--539196147

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

msyk.oym · ‎10-19-2025

It seems that you can set Session Timeout and Idle Timeout in Cisco Secure Client's AnyConnect VPN.

In environments where Secure Access is connected via a VPN router, such as a branch office, Cisco Secure Client is not installed.
Proxy authentication is required when accessing Internet sites using a web browser.

If you think about it, the IdP authentication frequency is set to Daily, so we assume that the Session Timeout will be Daily.

Hypothetically, if Secure Access were allowed to set an idle timeout, connections to Secure Access would remain open until they timed out, increasing the number of threads Secure Access uses and potentially causing network latency.