Solved

Cisco pix firewalls and Idle time out

Posted on 2004-09-01
7
200 Views
Last Modified: 2013-11-16
I have a Pix 515E firewall that I am using for VPN access to the network. I have the following line in my configuration for Timeout when the user is Idle:
vpngroup Group name idle-time 1800
 This line is present but when a user connects and is idle for the alotted time they are not disconnected. Is there another command that needs to be added to acomplish this ?

Also is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

Thanks for your help

Bob W
0
Comment
Question by:BobWoodard01
7 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 11956886
how about

isakmp keepalive 30
0
 

Author Comment

by:BobWoodard01
ID: 11956984
I do not have that line in my configuration. Please tell me what that does.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957053
sends a keep-alive pulse down the VPN tunnel every 30 seconds
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:BobWoodard01
ID: 11957144
That should keep the tunnel up, not disconnect it. Iwant the user to bedisconnected if they leave the computer for 30 minutes without doing anything.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957309
=/ I am a clown! sorry man, a clear case of RTFQ my appols

Pete
0
 
LVL 1

Expert Comment

by:tevens
ID: 11973837
You have the right command.  The most likely cause is that the user isn't idle.  Windows is a very chatty.  Even when you aren't doing anything the Windows OS is.  I would recommand putting an ACL on the user to block the standard chattness of windows.

--Tim
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 11988072
>is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

With the VPN 3000 concentrator, yes, but not with the PIX.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco IP NAT Translation not working 9 26
Cost effective dual wan w/ qos 5 25
Help with ASA config smtp traffic 10 28
By pass website on ASA for Websense 4 50
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now