Solved: Re: vpn-idle-timeout 1, VPN will never be disconnected. - Page 2

JustTakeTheFirstStep · ‎02-27-2020

The timeout setting for a VPN group is 1 minute.

vpn-idle-timeout 1

However, even after one minute, the VPN will never be disconnected.

What configuration do need?

Cristian Matei · ‎02-29-2020

Hi,

First make sure you have a stable version running on your Cisco ASA. Second, try also configuring the "default-idle-timeout" under your "WebVPN" configuration.

Regards,

Cristian Matei.

JustTakeTheFirstStep · ‎02-29-2020

I've already done it.
But the results are the same.

Cristian Matei · ‎02-29-2020

Hi,

Try running a stable version on the ASA, make sure there is no traffic through the tunnel (look in AnyConnect statistics) and see if it's fixed.

Regards,

Cristian Matei.

JustTakeTheFirstStep · ‎03-02-2020

I want to know for sure.
Is the inactive time when it is in sleep mode or when the computer is shut down?

Cristian Matei · ‎03-12-2020

Hi,

When there is no traffic through the tunnel(shutdown for sure, sleep mode it depends if the PC actually generates some traffic like towards a Domain Controller or not).

Regards,

Cristian Matei.

the-lebowski · ‎11-18-2022

Bumping this because it seems I am running into a similar problem when having vpn-idle-timeout 240 but users aren't being disconnected even when they have been idle for longer than that. Does

Hashing : AnyConnect-Parent: (1)none
Bytes Tx : 122005 Bytes Rx : 13123
Group Policy : MFA-GP Tunnel Group : MFA
Login Time : 22:29:32 PST Thu Nov 17 2022
Duration : 10h:40m:37s
Inactivity : 6h:23m:00s
VLAN Mapping : N/A VLAN : none
Audt Sess ID : 0000000003aae0006377264c
Security Grp : none

##############

group-policy MFA-GP attributes
dns-server value 10.199.2.20 10.109.2.20
dhcp-network-scope 10.199.28.0
vpn-idle-timeout 240
vpn-session-timeout 720