If you are using SSO, then it might be due to timeout mismatch with the Identity Provider. But if both time out matches, then you should check come configuration settings as well. Use the below link for information on PRConfig entries related to time out.
As an alternativeYou may try to embed the section named pxSessionTimer anywhere in your portal section(Best place is portal header). While including this section, specify the parameters properly. One of the parameter is to specify the time out time.
If you are using custom authentication please look at the Custom Tab of your AuthService record. There you will see a check box for "Use PegaRULES Timeout". Only when this is selected is the timeout activity run on the next user action if a timeout, based on the Accessgroup setting (>0), has occurred.
If using SAML then the same "Use PegaRULES Timeout" is in the advanced section at the bottom of the SAML AuthService rule record.
The timeout will occur on a user action. So if your timeout is 30 minutes and you do no actions that trigger a request to PRPC for over 30 minutes you should see your timeout activity running the next user action that triggers a request to PRPC. If you're testing timeouts don't use a really low value, at least 1 minute in the AccessGroup setting.
You may need a pxSessionTimer configured as well but we will get to that later.