@works2020 your listing does not show any SSL-VPN (NetExtender) Connections, but nevertheless, you enabled "SSLVPN Inactivity Check:" on the SSL VPN Server settings?
Firmware Version is what? Just to root out known issues.
Hi BWC, the image is an old one, I attached a new one. I'm switching from L2TP to SSL/VPN.
I've toggled the SSLVPN Inactivity Check box several times and it still didn't make a difference. For clarity, you're saying this needs to be checked, correct?
@works2020 I checked on a 6.5.4.10 for you and it works as intended (even without ticking SSLVPN Inactivity Check), but the Inactivity Time (Idle Time) is only showed properly on the SSL VPN Sessions listing. If the Idle Time does not go up, maybe some packets keeping the Connection alive.
@works2020 you might be right about the Tunnel All Mode. I modified my profile and since than the Inactivity Time does not go up, probably due to the former mentioned packets which end up in the Tunnel and hold the Connection alive, because every Device is talking all the Time (telemetry, DNS, ...).
You may want to exclude services like telemetry and DNS from keeping users active. Users \ Settings \ User Sessions \ Don't allow traffic from these services to prevent user logout on inactivity
Answers
@works2020 your listing does not show any SSL-VPN (NetExtender) Connections, but nevertheless, you enabled "SSLVPN Inactivity Check:" on the SSL VPN Server settings?
Firmware Version is what? Just to root out known issues.
--Michael@BWC
Hi BWC, the image is an old one, I attached a new one. I'm switching from L2TP to SSL/VPN.
I've toggled the SSLVPN Inactivity Check box several times and it still didn't make a difference. For clarity, you're saying this needs to be checked, correct?
Firmware: SonicOS Enhanced 6.5.4.9-92n
@works2020 I checked on a 6.5.4.10 for you and it works as intended (even without ticking SSLVPN Inactivity Check), but the Inactivity Time (Idle Time) is only showed properly on the SSL VPN Sessions listing. If the Idle Time does not go up, maybe some packets keeping the Connection alive.
I tested with MobileConnect on iOS as Client.
--Michael@BWC
Thanks for checking. Does this have anything to do with Tunnel All Mode?
Shows the user under SSL/VPN status (below image), I'll keep an eye on Inactivity Time and let you know.
Really need this to work for security reasons.
@works2020 you might be right about the Tunnel All Mode. I modified my profile and since than the Inactivity Time does not go up, probably due to the former mentioned packets which end up in the Tunnel and hold the Connection alive, because every Device is talking all the Time (telemetry, DNS, ...).
--Michael@BWC
You may want to exclude services like telemetry and DNS from keeping users active. Users \ Settings \ User Sessions \ Don't allow traffic from these services to prevent user logout on inactivity