Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Dear community,I have a strange behavior with the VPN session timeout configuration of our RAVPN (running on FTD 7.6.4, managed by FMC).At first, it was set as unlimited on the FMC (appeared as vpn-session-timeout none on the running configuration of...
Dear community,
I recently setup a RAVPN using the Secure Client and an ISE deployment for authentication and posture. It works as expected for our corporate devices, but I have an issue with posture for non-corporate machines, like a linux desktop.
...
Hello everyone,
I’m looking into the upgrade of our FMC 4600 HA pair from 7.4.2-172 to 7.6.2-329 (currently the suggested release).
Looking at the documentation https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/compatibility/management-c...
Hello,
I’ve setup a posture configuration to work with our RAVPN. Basically I’ve 3 rules:
Compliance OK, where I return a permit all ACLCompliance not OK, where I return a limited ACLCompliance unknow, where I’ve configured on the authorization profi...
Dear Community,
I have an ASA firewall connected to another firewall with:
One direct L2 connection between the 2 firewallsOne IPSEC VPN between the 2 firewalls with a few flow still passing through it
I’d like to take the flows outside of the IPSEC ...
Ok, found it!It was on the first AuthZ profile matched, the one that triggers the posture check of the user's device, in this one reauthentication is configured at 720 minutes, I don't know why:I'll see to change that, thank you very much for your he...
Thank you. I thought about it by the authorization profile we're using is not configured for reauthentications or with the radius session-timeout value:I've opened a tac case about this, I'll keep you updated.
Thanks for your test, below the output of my current session, and also the configuration of my group policy in which I've configured the timeout to 2880:Session Type: AnyConnect DetailedUsername : xxxx Index : 2134Assigned IP : x.x.x.x Public IP : x....
Yes, I reauthenticated, even rebooted the device but the session time out doesn't change. Every new user who has connected to the VPN still have their session time out to 720 minutes.