Did You Know About Administrative Idle Timeout and How to Tweak It?

by 2 weeks ago - last edited a week ago by (714 Views)

 

 

The Idle Timeout (Device tab > Setup > Management tab > Authentication Settings) will automatically log out an administrator when the configured time of inactivity is reached. The configurable range is 0 to 1440 minutes. The default is 60 as shown in the screenshot below.

 

idle timeout.jpgIdle Timeout

There are ways to prevent the Idle Timeout from being reached. You can configure it to "0 (never)," which means that inactivity will not trigger an automatic logout as shown in the screenshot below.

 

idle timeout never.jpgIdle Timeout NeverThere are some scenarios where you can have both cases at the same time. For instance, you can have administrators logged out automatically by the Idle Timeout while, at the same time, having administrators not being logged out even when the Idle Timeout is reached.

 

To achieve this, you'll need to adjust the Idle Timeout and refresh interval values, which you can find on certain pages. If the Idle Timeout value is higher than the refresh interval, then you will not be logged out automatically if you stay on that page, even if the Idle Timeout value is reached. The reason for this is because the refresh of those webpages (both manual and automatic) will reset the Idle Timeout counter.

 

For example, let's consider the default settings where the Idle Timeout is 60 minutes. If your administrator logs into your firewall and stays on the dashboard page with a refresh value of 1 minute then this administrator will never be logged out as long as he stays on this page.

refresh.jpgRefresh is set for 1 minute

Every minute, the automatic refresh from this page will reset the Idle Timeout, preventing the administrator from being logged out automatically. Depending on your needs, this might be something useful for you or something you actually want to avoid.

 

If you want the Idle Timeout to effectively log out idle adminsitrators, then you need to make sure that the Idle Timeout value is lower than the actual refresh value.  Alternatively, you can also set the refresh value to "Manual" as seen in the screenshot below. 

manual refresh.jpgRefresh is set to Manual 

Setting this option to "Manual" will disable the automatic refresh on this page. In turn, the Idle Timeout will not be reset and administrators will be logged out automatically after enough inactivity. Unless you've configured it to "0" as explained earlier.

 

Kiwi out !

Comments
by MP18
a week ago

Great article i was trying to find the answer for this for so long.

Thanks a lot

by MP18
a week ago

If i change the setting to Manual it applies to my web session or will it affect sessions for other users also?

 

is there any way i can change the refresh time interval for all users ?

 

does refresh time interval need commit?

by
a week ago - last edited a week ago

@MP18,

 

If i change the setting to Manual it applies to my web session or will it affect sessions for other users also?

  • It applies to this user only.

 

is there any way i can change the refresh time interval for all users ?

 

does refresh time interval need commit?

  • No it doesn't.

 

Cheers !

-Kiwi.

 
Ask Questions Get Answers Join the Live Community
Labels