Fortinet SSL VPN connection logout after 8 hours

By default, a SSL VPN connection logouts after 8 hours. Which will cause some user disconnected while continuously working from home for more than 8 hours.

config vpn ssl settings

set idle-timeout 300

The idle-timeout is period of time in seconds that the SSL VPN will wait before timing out.
Default value is 300 seconds (5 minutes). Range: <0> to <259200>.


set auth-timeout 28800
The auth-timeout is period of time in seconds that the SSL VPN will wait before re-authentication is enforced.
Default value is 28800 seconds (8 hours). Range: <0> to <259200>

A value of 0 indicates no timeout.

Changes as above or changing tunnel/web mode will not impact the environment.

However, be aware:
Once a SSL VPN client is connected, a change to firewall address objects or IP pools under SSL VPN settings in a production environment will tear down all the active SSL VPN connections regardless of the above timeout.

Leave a Reply

Your email address will not be published.