The device never automatically disconnects the management users; this is the default behavior of the SRX and J-series. This is because the idle timeout is disabled by default.
To validate the current setting, use the following command :
root@juniper>show cli
CLI complete-on-space set to on
CLI idle-timeout disabled
If you want the users to disconnect after some time, configure the idle timeout according to your requirements using the following command:
root@juniper> set cli idle-timeout ?
Possible completions:
<timeout> Maximum idle time (0..100000 minutes)
Use the command show cli to validate the setting.
Example:
In this example the idle timeout is set to 60 minutes.
root@juniper> set cli idle-timeout 60
Idle timeout set to 60 minutes
root@juniper> show cli
CLI complete-on-space set to on
CLI idle-timeout set to 60 minutes
root@juniper% exit
When you login to the device you will see the idle-time is disabled.
root@juniper> run show cli
CLI complete-on-space set to on
CLI idle-timeout disabled
NOTE: These changes are lost after a reboot OR when the user that has configured the same logs out.
If you want the users to logout on their own and have the changes saved after a reboot, create a custom class and call the idle-timeout in that class.
Example: [edit system login]
root# show
class test {
idle-timeout 1;
permissions all;
}
user user {
uid 2006;
class test;
authentication {
encrypted-password "$1$ZBez9s7.$cR93T3DyYcrBXwPQ.2XNe1"; ## SECRET-DATA
}
}
When you login as user, you will always see the idle timeout as 1 min.
user@juniper> show cli
CLI complete-on-space set to on
CLI idle-timeout set to 1 minute