Thanks, what is the difference between session timeout and idel timeout?

Regards

Hi Andy,

In case of Idle timeout, for that session ASA would keep poliing the ASDM for inactivity, when it sees that the connection is inactive for the idle timeout value, it would send a reset for the connection.

in case of session timeout, the ASA woudl terminate the ASDM after the timeout value, irrespective of activity or inactivity. A user can open a session only for that specified time after which they might need to re-login. By default session timeout is 0, whihc means no limit for timeout.

Hope that helps.

Thanks,

Varun

I've added the idle timeout for 30 mins, but I don't get logged out of teh ASDM, any ideas?

After 30 mins idle, if you try to access the ASDM again, you should not be able to access it and it will request for another authentication. Is this not the case, ie: you are still able to browse through the ASDM after the 30 mins idle time?

You are right, I have been logged in 24 hours now to the ASDM.  If I'm in the CLI I get logged out after 30 mins.

Andy,

I have tested this now with (ASA 8.3.2(7)) "http server session-timeout 5", every 5 minutes the login window pops up. The command was introduced in 8.2.1 code.

I do not see any problem with that. You may see the ASDM window all populated but when you try to click device management or any other configuration you would have to login and this window does pop-up.

If you configured idle-timeout, you can keep issuing this command and watch the session idle time and bytes incrementing. If the byte count increases the idle time will not increment or go back to "0".

ASA-5505(config)# sh conn all | i 443

-Kureli