Authentication prompt is not honoring inactivity timeout value (XenMobile 9.0) or the session timeout value specified (XenMobile 10.0).

For XenMobile 9.0

1. Log on to AppController Console (https://AppCFQDN:4443/ControlPoint).
2. Configure Inactivity timer for 900 minutes or greater (15+ Hours).
3. Re-enroll device for this newly configured value to reflect.

For XenMobile 10.0

Adjust the session timeout value on the NetScaler. The NetScaler Gateway Session Profile controls the lifetime of the microVPN session.
When the mobile device connects to the NetScaler, Secure Hub (or Receiver) tries to establish a TLS session with the NetScaler. This connection provides an authN token from the NetScaler to the mobile device when the user has successfully authenticated. The life of the authN token is managed by the Session Timeout setting. The following screen shot shows NetScaler Management Console > Configure NetScaler Gateway Session Profile > Session Time-out(mins).

Session Time-out setting

In this example, if the NetScaler has not seen any network traffic for more than 30 minutes, the NetScaler flushes that session from its memory. Therefore, the next time the device tries to establish a microVPN TLS session, the NetScaler will have no record of the session token that is provided by Secure Hub (or Receiver) and the user is presented with an authentication prompt. Once the session times out for the user, they' will be forced to authenticate explicitly.

---

Problem Cause

Dependency of session timeout on the Netscaler rather than just XMS sever properties.

Authentication prompt is not honoring inactivity timeout value (XenMobile 9.0) or the session timeout value specified (XenMobile 10.0).

CTX139600 - XenMobile 8.x - Understanding Authentication Timeout Values