Sonicwall TZ 400, using Sonicwall Global VPN client, my question is how to configure an inactive VPN connection to disconnect after a certain period of inactivity?
under the users sub menu and set the user time out .
Did you logout all VPN user after set to 45 minutes?
The only option I see is to limit the time they have until the account expires. For example, I want to log the user out after sitting idle for 45 minutes. The only settings I see are to allow a set amount of time before disabling access for the remainder of the day, week, month, depending on what cycle I choose.
Menu is:
Users / Settings / User Sessiongs / User Session Settings / inactivity timeout (minutes)
set the time.
that is it
Appreciate it, I have this set to 45 minutes yet VPN users continue to be logged in unlimited. There’s a connection open for 5387 minutes.
could you share user settings pages?
I think I may have just found the issue, will have to report back in 45 minutes. You’ll see in the screenshot “Logout after inactivity” has two options and I only selected “For connections requiring user authentication” and not for “For other connections”
I just change “For other connections” to 45 minutes.
I overlooked this because VPN (IPsec) uses authentication so I assumed it was covered under “For connections requiring user authentication.”
Settings page in previous post. I just checked and I continue to get the same issue, accounts are not logging off.
If you set to “tunnel all mode” timeout won’t work. because of all packet send by your client to your firewall and firewall will think your client is working still.
We’re not set up using SSL/VPN, unless I’m missing something “tunnel all mode” is only used for SSL/VPN.
We’re using Global VPN Client L2TP configuration.
Switched over to SSL/VPN and the timeout option is still not working. I checked and “Tunnel all Mode” is not enabled.
Tunnel all mode is used by ssl-vpn.
This gateway only is used by Global vpn client and also All secured gateways options.
these are the same.
and why didnt say before you are using L2TP?
L2TP is different inactivity timeout option into the L2TP subemenu.
go to L2TP menu and click configure and will see inactivity timeout options set to what you want and test again.
Not sure why I didn’t mention we’re using L2TP, important piece of info…ugh. What is the saying about assuming…which I shouldn’t have done 
.
I also just found out that Sonicwall doesn’t allow the inactivity option for L2TP, they only allow lifetime, which obviously isn’t going to work.
I’m upgrading to SSL this coming week and appreciate your input, I’ll be able to configure inactivity times for SSL moving forward.