The firewall applies an Authentication Portal session timeout
that defines how long end users can take to respond to the authentication
challenge in a Authentication Portal web form. The web form displays
when users request services or applications that match an Authentication
policy rule. The session timeout is 30 seconds by default (range
is 1 to 1,599,999). It must be the same as or greater than the PAN-OS
web server timeout.
Modify
the Authentication Portal Session Timeout if necessary. Keep
in mind that increasing the PAN-OS web server and Authentication
Portal session timeouts might degrade the performance of the firewall
or cause it to drop authentication requests.