Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    Renegotiation Time with MFA

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 47 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      SanDwest
      last edited by

      We recently deployed Entra ID MFA with our OpenVPN setup. It’s working well overall, but we’ve run into one issue.

      We currently have reneg-sec set to 36000 on both the server and client. However, we’re finding that clients that remain connected for the full duration are only staying connected for about 9 hours, rather than the expected 10 hours.

      Aside from increasing the renegotiation time to compensate, has anyone seen these settings fail to honor the full timeout value?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.