Admin User Doesn't Timeout After Idled for a Configured Value

Admin User Doesn't Timeout After Idled for a Configured Value

13048
Created On 04/12/19 13:47 PM - Last Modified 07/31/25 21:09 PM


Symptom


– Idle timeout value is set to default (60 minutes).
– Admin user logged in via SSH is getting timed out after the default idle time (60 minutes).
– When user logs into the firewall web interface and monitors the dashboard, it never times out.
– Idle time resets to 0 after every 5 minutes.

Environment


PAN-OS

Cause


If the dashboard page refresh is set to 1, 2, or 5 mins less than the idle timeout value, then the admin users will not be logged out automatically since it will reset the idle timeout value. Both manual and automatic refreshing of the web interface pages (such as the dashboard tab and monitor tab) reset the idle timeout counter.

Resolution


– To enable the firewall to enforce the timeout when you are on a page that supports automatic refreshing, set the refresh interval to Manual.
– You can also disable Auto Refresh in the ACC tab. 

Articles for reference:

How to Avoid Admin Session Timeouts

How to remove admin login sessions?

 

Additional Information


For more information about idle timeout, please reference this article:
https://live.paloaltonetworks.com/t5/Community-Blog/Did-You-Know-About-Administrative-Idle-Timeout-and-How-to-Tweak/ba-p/249414
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLYRCA4&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language