Solved

Cisco pix firewalls and Idle time out

Posted on 2004-09-01
7
204 Views
Last Modified: 2013-11-16
I have a Pix 515E firewall that I am using for VPN access to the network. I have the following line in my configuration for Timeout when the user is Idle:
vpngroup Group name idle-time 1800
 This line is present but when a user connects and is idle for the alotted time they are not disconnected. Is there another command that needs to be added to acomplish this ?

Also is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

Thanks for your help

Bob W
0
Comment
Question by:BobWoodard01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 11956886
how about

isakmp keepalive 30
0
 

Author Comment

by:BobWoodard01
ID: 11956984
I do not have that line in my configuration. Please tell me what that does.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957053
sends a keep-alive pulse down the VPN tunnel every 30 seconds
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:BobWoodard01
ID: 11957144
That should keep the tunnel up, not disconnect it. Iwant the user to bedisconnected if they leave the computer for 30 minutes without doing anything.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11957309
=/ I am a clown! sorry man, a clear case of RTFQ my appols

Pete
0
 
LVL 1

Expert Comment

by:tevens
ID: 11973837
You have the right command.  The most likely cause is that the user isn't idle.  Windows is a very chatty.  Even when you aren't doing anything the Windows OS is.  I would recommand putting an ACL on the user to block the standard chattness of windows.

--Tim
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 11988072
>is there a way to send a disclaimer when a user logs into the firewall using a vpn client.

With the VPN 3000 concentrator, yes, but not with the PIX.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question