Operational Defect Database
BugZero found this defect 23 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA1Vr0000001aJBKAY
RADIUS session timeout is reset during Phase 1 rekey
Last update date:
4/26/2024
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
12.x
12.10.x
Fixed releases:
All
Description:
Issue
If Mobile VPN with IKEv2 is configured with RADIUS as an authentication server, and a session timeout is defined in RADIUS, remote users might remain logged in for longer than the maximum session time specified. This behavior is caused by a Phase 1 rekey of the mobile VPN. The RADIUS session timeout will be honored as long as Phase 1 does not rekey before the session timeout expires. If Phase 1 is rekeyed before the timeout, either by the Firebox or by the remote client, then the session timeout will reset and the user will not be logged off.
Workaround/Solution
No workaround exists at this time.
