06-23-2022 05:38 AM
Hi,
I have some devices that occasionally get rebooted while there is an active vpn session. They use local user names and passwords with a static ip assigned.
The problem is when they reboot it is very quick and the vpn has not ended the previous session yet. It ends up giving it an ip from a stanby ip space but this is undesirable.
How would i go about decreasing the time the connection is retained to back it drop sooner?
Thank you
Solved! Go to Solution.
06-23-2022 05:57 AM
I think the idle timeout is config under the group-policy, so if the VPN tunnel-group use specific group-policy then under it change the idle timeout.
and for other tunnel-group keep it as default.
06-23-2022 05:40 AM
I don't full understand your Q
but there is two timeout
one is idle other is session timeout,
you can increase idle timeout this make all VPN detail save in ASA in case the use reconnect again within this time.
06-23-2022 05:46 AM
MHM,
Thank you for your response.
Correct, i want the "idle" or "wait for me to come back into communication" timer to be lower so the ASA will drop the session and not hold onto that IP.
Is there a way I can do this for one VPN profile and not all of them?
06-23-2022 05:57 AM
I think the idle timeout is config under the group-policy, so if the VPN tunnel-group use specific group-policy then under it change the idle timeout.
and for other tunnel-group keep it as default.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: