We have users using Junos Pulse and Network Connect, i have already enabled session options and set the inactive timeout to 15 minutes, max session length to 60 and reminder time to 4 minutes yet the user who are away for 3 hours are still connected. Also enabled the Idle Timeout activity but i still see "Key Exchange " being carried out right before the inactive time out window hits. Has any one able to get this to work?
If you set a max session of 60 minutes, VPN tunnel should be disconnected at 60 minutes. Do you see the end user reconnecting back in the user access logs?
In regards to the key exchange, vpn tunnel will attempt to rekey every 12 minutes (by default). This should not affect the max timeout scenario.
It works with the max session timeout value, but that's not what we are trying to implement. We plan to keep the max session limit to 1 day but time out the session if there is no activity for 60 minutes and this is not working with Network connect or with Junos Pulse but it does if i use web browser to log in and access files via url or bookmarks.
If you have a layer 3 connection (e.g. Network Connect or Pulse) the chances are there will always be background traffic keeping the session alive even if the user is doing nothing.