In Sophos XG, is there any way to increase the timeout for radius servers?
I'm having problems using SSL VPN authentication with radius when using 2-factor. If I bypass 2factor, I'm logging in fine.
If I enable 2factor, it seems to timeout and I get a second credential prompt before I get to accept the first request, rendering my first request invalid.
I've seen this question before and the answer was that the timout is hard coded. However that was a old thread:
Maybe things have changed?
The feature to configure access server timeout is considered in the ID NC-8393. It will be added in the future firmware releases.
Sachin Gurung Team Lead | Sophos Technical Support Knowledge Base | @SophosSupport | Video tutorials Remember to like a post. If a post (on a question thread) solves your question use the 'This helped me' link.
That is wonderful news.
Digging trough the net in search for answers, it seems this has been on the wishlist for a long time, even pre-XG.
Now the interesting question is when will it be released? Any idea?
I was the one that started the 1st thread, this is good news.
Hello, can you please provide an update regarding ID NC-8393? Is there a method for implementing a RADIUS timeout for out-of-band services such as Duo via shell?
If there is a nic opened, the feature is completely missing even from CLI.
Hope they will give us when this will be implemented v16.5, v17....
UTM Certified Architect - XG Certified Architect
This is now a very important requirement from a compliance perspective. If I cannot get an answer on this, I may very well have to look at alternative solutions.
Are there an updates? I'm not sure how out-of-band radius authentication scenarios have not been considered.
What's the current status of NC-8393? When can we expect to see it in a release?
Please provide an update on this. It seems many of us are facing the same challenges and the only options are to change MFA provider or reduce our VPN security (neither of which are ideal).