VPN: Auto-Close SSL VPN Connection after certain time
Close connections of desired SSL VPN users after a certain time of inactivity.
Remote Access SSL VPN Time out after an user is idle.
We would like to include, any option to generate a disconnection, in the, SSL VPN (remote access), after some time a user is idle, that to meet the requirements of the PCI.
A lot of thanks for your help.
This feature is included in the upcoming release, code-named Project Copernicus. It is currently in public beta. For more details, please see https://www.astaro.org/beta-versions/project-copernicus-public-beta
I decently need it because the users arent responsible for security - I DO.
Please add it ASAP.
To correct my last post, you can block access during non-work hours via the firewall rules, but still, the inactive disconnect is what we really need.
We are 15 days into our "try-and-buy"... just discover this issue as well. Wow, scary. Also, would have been nice to have windows of time when certain user can access the VPN.
Nelson Judan commented
Just spoke with support. This feature is still not available on the latest release. 9.309-3. I am sure I speak for everyone on this blog post, please Enable this Feature ASAP!
Dieter Lauger commented
This is a standard feature.
This is PCI requirement 12.3.8. Sophos UTM is not a PCI compliant VPN endpoint and we're going to have to abandon it if this isn't corrected quickly. Our annual renewal is next month, March 2015.
Al Dempsey commented
The Sophos UTM is sold as a PCI compliant firewall, yet PCI requires that all remote access VPN connections be automatically disconnected after a set amount of idle time.
YOU NEED TO ENABLE THIS FEATURE!
Any traction on this feature? I've had a few request as of late for it
Michael Tam commented
Many different types of firewall provides a setting that the administrator can set the connection timout / idle time for the sslvpn and ipsec vpn client to increase the security