Fortigate SSL VPN Timeout Issue with Approve/Biometrics
Article Number
Applies To
Issue
Users are unable to log in to the SSL VPN using Approve or biometric authentication from CAS.
Resolution
- Log in to the Fortigate CLI.
- Select the correct VDOM based on customer configuration.
- Configure the remoteauthtimeout parameter:
FEIRDUFG01$ config sys global
FEIRDUFG01(global)$ set remoteauthtimeout 60
FEIRDUFG01(global)$ end
Notes
About remoteauthtimeout
- This is a global parameter for LDAP, RADIUS, and other authentication servers.
- It defines the maximum time (in seconds) allowed for a valid token code to be entered before the connection closes.
- Default value: 5 seconds.
- Important: Changing this value affects all remote authentication servers (RADIUS, LDAP, TACACS+).
Related Articles
Troubleshooting an update issue with an RSA Authentication Manager 8.x Web Tier deployment Number of Views AFX Server remains in a 'Not running' State with 'An issue with handling encryption was encountered' error on startup in R… Number of Views Urgent Notice: Issue with Embedded IDR Image Downloads Number of Views “An issue with handling encryption was encountered" with IBM JDK 1.8.0_281 and later in RSA Identity Governance & Lifecycle Number of Views Intermittent authentication issue with RSA Authentication Agent 7.4.3 for Windows Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
