Improve company productivity with a Business Account.Sign Up

x
?
Solved

Cisco pix firewalls and Idle time out

Posted on 2004-09-01
7
Medium Priority
?
211 Views
Last Modified: 2013-11-16
I have a Pix 515E firewall that I am using for VPN access to the network. I have the following line in my configuration for Timeout when the user is Idle:
vpngroup Group name idle-time 1800
 This line is present but when a user connects and is idle for the alotted time they are not disconnected. Is there another command that needs to be added to acomplish this ?

Also is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

Thanks for your help

Bob W
0
Comment
Question by:BobWoodard01
7 Comments
 
LVL 58

Expert Comment

by:Pete Long
ID: 11956886
how about

isakmp keepalive 30
0
 

Author Comment

by:BobWoodard01
ID: 11956984
I do not have that line in my configuration. Please tell me what that does.
0
 
LVL 58

Expert Comment

by:Pete Long
ID: 11957053
sends a keep-alive pulse down the VPN tunnel every 30 seconds
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 

Author Comment

by:BobWoodard01
ID: 11957144
That should keep the tunnel up, not disconnect it. Iwant the user to bedisconnected if they leave the computer for 30 minutes without doing anything.
0
 
LVL 58

Expert Comment

by:Pete Long
ID: 11957309
=/ I am a clown! sorry man, a clear case of RTFQ my appols

Pete
0
 
LVL 1

Expert Comment

by:tevens
ID: 11973837
You have the right command.  The most likely cause is that the user isn't idle.  Windows is a very chatty.  Even when you aren't doing anything the Windows OS is.  I would recommand putting an ACL on the user to block the standard chattness of windows.

--Tim
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 11988072
>is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

With the VPN 3000 concentrator, yes, but not with the PIX.
0

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

You do not need to be a security expert to make the RIGHT security. You just need some 3D guidance, to help lay out an action plan to secure your business operations. It does not happen overnight. You just need to start now and do the first thin…
The intent of this article is not to tell you what solution to use (you know it better) or make a big bang change to your current regime (you are well aware of), but to share how the regime can be better and effective in streamlining the multiple pa…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question