Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

SSL VPN NetExtender Timeout

sway1101sway1101 Newbie ✭
in SSL VPN

I have an issue with users not disconnecting their VPN connection after working for the day. I have instances where a VPN will be connected for multiple days at time. I would like to either have the session close if there is no activity or just set the session to automatically disconnect after a set period of time, maybe 4 hours or something.

Can someone tell me how to properly solve this issue? I have tried playing with the time out due to inactivity settings and it seemed to either cause random disconnects when the users were actively working or it would never disconnect the connection even if the user was not active.

Also, I have tried setting the session lifetime under the user quota for each user and this does not work. Even with this set to 1 hour it will never disconnect the user.

Thanks

Category: SSL VPN
Reply
Tagged:

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Have you tried adding any services to the Users \ Settings \ User Session \ User Session Settings option "Don't allow traffic from these services to prevent user logout on inactivity"?

  • StuartBoothStuartBooth Newbie ✭

    Hi, just checking if this issue had been resolved. We seeing similar issues with an SMA unit for a customer.

    Inactivity timeout limits are in place but sessions are not being dropped. This results in the licenses being exhausted and users unable to access either via Virtual Office or NetExtender until the sessions are manually ended.

  • JSLJSL Newbie ✭

    I have this exact same issue with the recent update on our GW... SSL Inactivity is set to 1 minute as a test case..

    Connect via Sonicwall Mobile Connect and simply change the Network from Cellular to Wifi.. this will drop the connection from the phone but on the Sonicwall side it is still showing as connected...

    Waiting a couple minutes will show in the status page that your device is still connected and has passed the inactivity threshold but is still connected.

    I have checked groups and user permission and there is no other timeout available from what I can see that would be conflicting with the SSL VPN rule. I can only put this down to a glitch on the software which is frustrating when you only have 2 vpn licenses and no other means of accessing the network externally to disconnect the zombie sessions.

  • JaritVBJaritVB Newbie ✭

    can somebody tell me where they even set the timeout threshold? I can't even find where to set the timeout threshold on our NSA4600.

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Under SSLVPN Server Settings is the default inactivity timeout.

    There are also user-specific timeout settings in Users \ Settings \ User Sessions.

  • Johndem33Johndem33 Newbie ✭

    I too am having problems setting an inactivity timeout parameter(s) that will actually kick off SSL VPN (NetExtender) connected users that are not active on a Gen 7.1.1.-7040 TZ570 firewall.

    • 1. I have the Device>Users>Local Users & Groups>Settings>Inactivity Timeout (days) set to 1.
    • 2. I have the Network>SSL VPN>Server Settings>SSL VPN Server settings>Inactivity Timeout (minutes) set to 540.
    • 3. I have the Device>Users>Settings>User Sessions>User Session Settings>Inactivity timeout (minutes) set to 20 and I have tried 'Netbios' and 'DNS' separately under the 'Don't allow traffic from these services to prevent user logout on inactivity'. I do not know how to set more than one of these at a time and there are nearly 300. So, its an incredibly slow process to try each. So far, no progress as my users have been connected for multiple days now.

    I do terminate all connected NetExtender users each time I set a value in step 2 above and they let me know it.

    All assistance is appreciated.

Sign In or Register to comment.