Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Renegotiation Time with MFA

    Scheduled Pinned Locked Moved
    OpenVPN
    1
    1
    18
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rebelscum
      last edited by

      Hello,

      We recently deployed EntraID MFA with our OpenVPN deployment. It works great minus one drawback that we've come across. Currently we have reneg-sec set at the server and client as reneg-sec 36000; We're finding that clients that actually stay connected for the term are only staying persistent for 9 hours and not the full 10 hours. Short of deploying a longer renegotiation time to compensate, has anyone seen these settings not honor the full timeout amount?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.