USG 40 - SSL VPN - disable multiple connection for user

kaika313
kaika313 Posts: 37  Freshman Member
First Comment Friend Collector Sixth Anniversary
edited April 2021 in Security

Hi,

we're using SSL VPN to connect to a USG40.

Some users forget to click on disconnect after using the VPN and so, until the reauthentication Time is reached, sometimes it happens that a user connects again and the SSL VPN tunnels get all occupied soon with same users connected multiple times. Is it possible to prevent this?

Thank you

Kari

All Replies

  • PeterUK
    PeterUK Posts: 3,331  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    For each user you can set lease time to 2 minutes and in User/Group > settings you can check Enable user idle detection  

  • kaika313
    kaika313 Posts: 37  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    @PeterUK Ok for the idle detection but (sorry for the stupid question) won't the reduced lease time disconnect the user or disturb active connections?

    Thank you

  • PeterUK
    PeterUK Posts: 3,331  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited March 2020

    The reduced lease time will renew if the user stays connected.

  • USG_User
    USG_User Posts: 374  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    edited March 2020

    How the USG conduct the idle detection, by scanning packets which are going through the tunnel? But a few packets will be transmitted through the SSL VPN tunnel also always without any user action.

    We are using a lot of SSL VPN tunnels, and when established, using RDP sessions to our office computers. Will this be detected by the USG as "not idle"?

  • Ian31
    Ian31 Posts: 174  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary

    @kaika313

    Here what I configure on my ZyWALL 110 to limit user account can only with 1 login.

  • PeterUK
    PeterUK Posts: 3,331  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Oddly that "Reach maximum number per account" setting is not in USG40

Security Highlight