We have autoconnect enabled for users, and used to have MFA (Sophos) enabled. We had to disable MFA as it was causing grief for remote users with flakey Internet (and no other ISP options available). Internet connections would go down for a few seconds, then come back up. Normally, it wouldn't be an issue as it's only a few seconds. However, with MFA enabled, Sophos Connect IPSec would attempt to reconnect, and then prompt the user for their MFA code.
Is a configuration available that allows for a successful authentication using a Sophos MFA code to last for a given time period before asking for the code again?
Hi Andrew,
I can see 2 community posts with a similar issue.
Sophos Connect VPN Timeout - Discussions - Sophos Firewall - Sophos Community
As of SFOS version 19.0 up to the latest, IKEv2 is supported with IPsec remote access VPN. This means you can create a custom profile for the IPsec policy
Based on the previous comment by LuCar Toni
Please take note that if you make any changes in these settings, then all the users MUST redownload the config file. We suggest that you test this first before implementing it in production.
Hope this helps
Quote