2 files changed, 8 insertions, 3 deletions

diff --git a/data/templates/ipsec/swanctl/remote_access.tmpl b/data/templates/ipsec/swanctl/remote_access.tmpl
index f906836c6..4fdc2a276 100644
--- a/data/templates/ipsec/swanctl/remote_access.tmpl
+++ b/data/templates/ipsec/swanctl/remote_access.tmpl
@@ -10,7 +10,7 @@
         send_certreq = no
         rekey_time = {{ ike.lifetime }}s
         keyingtries = 0
-{%   if rw_conf.unique is defined and rw_conf.unique is not none %}        
+{%   if rw_conf.unique is defined and rw_conf.unique is not none %}
         unique = {{ rw_conf.unique }}
 {%   endif %}
 {%   if rw_conf.pool is defined and rw_conf.pool is not none %}
@@ -39,6 +39,7 @@
                 rekey_time = {{ esp.lifetime }}s
                 rand_time = 540s
                 dpd_action = clear
+                inactivity = {{ rw_conf.timeout }}
 {%   set local_prefix = rw_conf.local.prefix if rw_conf.local is defined and rw_conf.local.prefix is defined else ['0.0.0.0/0', '::/0'] %}
 {%   set local_port = rw_conf.local.port if rw_conf.local is defined and rw_conf.local.port is defined else '' %}
 {%   set local_suffix = '[%any/{1}]'.format(local_port) if local_port else '' %}
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index b0dba4bce..ed4941efc 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -757,11 +757,15 @@
                     <properties>
                       <help>Timeout to close connection if no data is transmitted</help>
                       <valueHelp>
-                        <format>u32:10-86400</format>
+                        <format>u32:0</format>
+                        <description>Disable inactivity checks</description>
+                      </valueHelp>
+                      <valueHelp>
+                        <format>u32:1-86400</format>
                         <description>Timeout in seconds (default 28800)</description>
                       </valueHelp>
                       <constraint>
-                        <validator name="numeric" argument="--range 10-86400"/>
+                        <validator name="numeric" argument="--range 0-86400"/>
                       </constraint>
                     </properties>
                     <defaultValue>28800</defaultValue>