Fortigate SSL VPN Timeout Issue with Approve/Biometrics
Article Number
Applies To
Issue
Users are unable to log in to the SSL VPN using Approve or biometric authentication from CAS.
Resolution
- Log in to the Fortigate CLI.
- Select the correct VDOM based on customer configuration.
- Configure the remoteauthtimeout parameter:
FEIRDUFG01$ config sys global
FEIRDUFG01(global)$ set remoteauthtimeout 60
FEIRDUFG01(global)$ end
Notes
About remoteauthtimeout
- This is a global parameter for LDAP, RADIUS, and other authentication servers.
- It defines the maximum time (in seconds) allowed for a valid token code to be entered before the connection closes.
- Default value: 5 seconds.
- Important: Changing this value affects all remote authentication servers (RADIUS, LDAP, TACACS+).
Related Articles
Troubleshooting an update issue with an RSA Authentication Manager 8.x Web Tier deployment Number of Views AFX Server remains in a 'Not running' State with 'An issue with handling encryption was encountered' error on startup in R… Number of Views Error while importing RSA Identity Management and Governance Collector metadata: java.lang.IllegalStateException: An issue… Number of Views “An issue with handling encryption was encountered" with IBM JDK 1.8.0_281 and later in RSA Identity Governance & Lifecycle Number of Views Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
