
OKTA and Sophos UTM timeout

Recently, we have put a RADIUS Server within our environment and rolled out OKTA as our MFA platform for VPN.

I know the expected behavior is for any user that has OTP/MFA enabled to disconnect the VPN after 8 hours.

But we have noticed that after the 8 hours, the VPN sends a request to OKTA and the user gets a prompt on OKTA asking if it is them signing in.

Is there a way to just tell the VPN to drop the connection and not attempt any "reauthentication?"

I know there are ways to edit the openvpn on the UTM, but I'm not sure of the process to do so.



This thread was automatically locked due to age.
  • Hi and welcome to the UTM Community!

    This would involve modifications at the command line, so you will need Sophos Support's OK to avoid risking the warranty on your UTM.

    I don't think this issue has been discussed here.  If you come up with the OpenVPN modifications needed, come back here and describe or link to what you found.  Implementing it might be easy.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA