Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2419
Views
0
Helpful
2
Replies

Cisco Anyconnect Idle Timeout

danielesquaranti
Level 1
Level 1

‎09-22-2021 04:44 AM

Hi,

I recently enable the "vpn-idle-timeout 3" on the group-policy for the vpn client on Cisco ASA.

I try to lock the screen of my pc but after 3 minutes the anyconnect doesn't disconnect.

Anyone know when the connection does it actually go in idle?

Is there a way to set the timeout when the pc goes to lock screen, or when the users aren't actually doing anything?

I Also see that there is the "vpn-session-timeout" command but I don't want to disconnect the users after the time expires..

 

Thanks in advance for the support.

 

Labels:
0 Helpful
2 Replies 2

Squozen_EU
Level 1
Level 1

‎09-22-2021 04:51 AM

Modern OSs are virtually never idle, that's the problem. Run Wireshark when your computer is 'idle' and you'll see it's anything but.

 

What problem are you actually trying to solve here? If a user has locked their computer, wouldn't you want the machine to stay connected in order for group policies updates to push and other management tools to maintain their sessions?

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎09-22-2021 11:51 AM

check this thread and verify is the client really idle ?

 

https://community.cisco.com/t5/network-security/vpn-idle-timeout-1-vpn-will-never-be-disconnected/td-p/4036713

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents