Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco pix firewalls and Idle time out

Posted on 2004-09-01
7
Medium Priority
?
209 Views
Last Modified: 2013-11-16
I have a Pix 515E firewall that I am using for VPN access to the network. I have the following line in my configuration for Timeout when the user is Idle:
vpngroup Group name idle-time 1800
 This line is present but when a user connects and is idle for the alotted time they are not disconnected. Is there another command that needs to be added to acomplish this ?

Also is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

Thanks for your help

Bob W
0
Comment
Question by:BobWoodard01
7 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 11956886
how about

isakmp keepalive 30
0
 

Author Comment

by:BobWoodard01
ID: 11956984
I do not have that line in my configuration. Please tell me what that does.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957053
sends a keep-alive pulse down the VPN tunnel every 30 seconds
0
Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 

Author Comment

by:BobWoodard01
ID: 11957144
That should keep the tunnel up, not disconnect it. Iwant the user to bedisconnected if they leave the computer for 30 minutes without doing anything.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957309
=/ I am a clown! sorry man, a clear case of RTFQ my appols

Pete
0
 
LVL 1

Expert Comment

by:tevens
ID: 11973837
You have the right command.  The most likely cause is that the user isn't idle.  Windows is a very chatty.  Even when you aren't doing anything the Windows OS is.  I would recommand putting an ACL on the user to block the standard chattness of windows.

--Tim
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 11988072
>is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

With the VPN 3000 concentrator, yes, but not with the PIX.
0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question