Unfortunately since operating systems are super chatty these days, the Idle Timeout settings will not be very effective. I've literally had users connected for almost 2 months without being disconnected and I know that they're not working 24 hours straight for almost 60 days. The solution is to set the Maximum Connect Time (using ASDM) or vpn-session-timeout (using CLI) to an appropriate time length. For example, if your average user works 8-10 hours daily, then I would suggest you set your vpn-session-timeout (a.k.a. Maximum Connect Time) to 720 minutes (12 hours). Keep in mind, any currently connected users will need to disconnect and reconnect to download the newly configured settings, or you can just force a logout and once they reconnect their setting will be updated. I hope this finds you well. Cheers!
... View more