Limit the length of idle sessions for administrators to specify login password and session timeout behavior of the Barracuda NG Firewall. After the initial login with password, certificate, smartcard, or eToken, a session password is dynamically created and used for subsequent access. The session timeout sets the time until the session password is discarded and the user must log in again.
Configure Session Limits
- Open the Control page (Config > Full Config > Box > Infrastructure Services).
- In the left menu, select Administrative Sessions.
- Click Lock.
- In the NG Admin Max. Idle field, specify the maximum number of minutes that a Barracuda NG Admin session can be idle before it is closed (default: 60). After the session is closed, you must log back in.
- In the NG Admin Max. Idle field, specify the maximum number of minutes that a Barracuda NextGen Admin session can be idle before it is closed. After the session is closed, you must log back in.
- In the Console Max. Idle field, specify the maximum number of minutes that a shell/SSH session can be idle before it is closed.
- (optional) To use session passwords, set Disable Session Passwords to yes. This will generate a session password after successful authentication. Recommended for smartcard or eToken authentication.
- Click Send Changes and Activate.