Ending User Sessions
You can immediately terminate a user’s session, even if the user has multiple connections on different services
or nodes, or temporarily disable a user’s network access for 10 minutes (the user can log in to the network again
after that period if your access policy allows it). To permanently prevent a user from logging in to your VPN, you
must do one of the following:
Modify the applicable access control rules
Modify or delete the applicable user and group definitions
Delete the user from your user directory
To end open user sessions
In the AMC, navigate to Monitoring > User Sessions.
In the View lists, select the number of sessions you want to display, and then select All open (only sessions that are open can be terminated).
You can filter the list of sessions using a combination of other properties:
User: Enter all or part of a user name. You can use wildcard characters (
?) anywhere in the search string.
Realm: Select a realm, or all realms.
Community: Select a community, or all communities. If you selected a realm, the communities you see in this list are restricted to those that are associated with it.
Zone: Select a zone, or all zones.
Agent: Select an agent or All access agents, or specify that none have been activated (translation only).
Platform: Select a platform or All platforms.
- Login Status: Select a login status, or all status.
- Version: Select a version, or all versions.
- License Type: Select a license type, or all license types
There are two ways to terminate sessions manually in AMC. Only open sessions—those for which there is
either a license or those that can be resumed—can be terminated. Select the checkbox next to any
session you want to end, or select the checkbox at the top to select all the users in the list, and then click
one of the session termination buttons:
- Terminate session – When you click Terminate session, all connections associated with the
selected sessions are terminated. This is a good way to free up a license from an idle session, for
example. Termination occurs on a session-by-session basis, so if a user has several sessions you
can be selective about which ones you end. The user whose session was terminated can
immediately reauthenticate and log in to the appliance.
- Terminate session - restrict logins – This type of termination is the same as above, but there is a
ten-minute interval during which the user is not allowed to generate new sessions. If there are
any existing sessions, they can be used, but until ten minutes elapse, no new sessions can be
created. This is the type of termination you would use, for example, if you wanted to end all of a
user’s sessions and prevent any new ones from being established while you remove his or her
credentials from the authentication store.
Was This Article Helpful?
Help us to improve our support portal