Fortigate SSL VPN Timeout Issue with Approve/Biometrics
Article Number
Applies To
Issue
Users are unable to log in to the SSL VPN using Approve or biometric authentication from CAS.
Resolution
- Log in to the Fortigate CLI.
- Select the correct VDOM based on customer configuration.
- Configure the remoteauthtimeout parameter:
FEIRDUFG01$ config sys global
FEIRDUFG01(global)$ set remoteauthtimeout 60
FEIRDUFG01(global)$ end
Notes
About remoteauthtimeout
- This is a global parameter for LDAP, RADIUS, and other authentication servers.
- It defines the maximum time (in seconds) allowed for a valid token code to be entered before the connection closes.
- Default value: 5 seconds.
- Important: Changing this value affects all remote authentication servers (RADIUS, LDAP, TACACS+).
Related Articles
Troubleshooting an update issue with an RSA Authentication Manager 8.x Web Tier deployment Number of Views AFX Server remains in a 'Not running' State with 'An issue with handling encryption was encountered' error on startup in R… Number of Views Urgent Notice: Issue with Embedded IDR Image Downloads Number of Views “An issue with handling encryption was encountered" with IBM JDK 1.8.0_281 and later in RSA Identity Governance & Lifecycle Number of Views Intermittent authentication issue with RSA Authentication Agent 7.4.3 for Windows Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
