Forefront Unified Access Gateway (UAG) is a reverse proxy and VPN solution that provides a number of new features, including support for more devices, secure remote access to corporate resources for employees, business partners, and vendors on both managed and unmanaged PCs and mobile devices. UAG also offers a combination of connectivity options such as reverse proxy, VPN (especially SSL VPN), Direct Access, and Remote Desktop Services. In this article, I will show you how to configure session limits and timeouts on Forefront Unified Access Gateway (UAG) server using Forefront UAG Management.
- “Inactivity Timeout” in UAG is defined as follows:
o Login page inactivity: default is 30 seconds.
o Portal home page inactivity: default is 300 seconds for non-privileged endpoints.
o Application inactivity: default is 30 minutes.
- UAG also defines a “Scheduled Timeout” as follows:
o Privileged: default 60 minutes.
o Non-privileged: default 1440 minutes.
o A scheduled timeout occurs whether or not there is any activity.
By this default definition, your site will be logged out after 30 seconds of inactivity, a time frame which some may find to be uncomfortably restrictive. Let’s resolve it then.
- Open the Forefront UAG Management Program:
- Under HTTPS Connections node in the UAG form, select the Configure button:
- In Advanced Trunk Configuration [UAG], select the Session tab.
o In Session Configuration, adjust Maximum concurrent sessions as desired.
o In the Default Session Setting, adjust Inactivate session timeout (seconds) as desired:
Remember that, Maximum value of Inactivate session timeout (seconds) is 999999. If you type a number greater than 999999, you will see the warning message pictured below:
As well, the Maximum value of Automatic Scheduled Logoff Timeout is 16666. If you type a number greater than 16666, you will see the following warning message:
After you’ve completed the configuration, you must click the Activate Configuration button to complete the process: