Sophos Connect with OTP – eliminate 4 hours reauthentication
Today when using Sophos Connect with OTP, the firewall asks for a new OTP token every 4 hours. According Sophos support, this value is hardcoded. If employees working the whole day remotely, an interruption very 4 hours is a pain.
Please make these 4 hours configurable. Or at least extend it to 10 hours, so a full working day can be achieved without any interruption.
Dave Skingley commented
Agreed, with working from home being the norm, we wanted to roll out Sophos Connect with OTP to increase our security. This will definitely be an issue with our users.
we also need to extend this period. 1200 Users are not amused to type in a new token every 4 or 5 hours. Many processes running in Background. If they are not on their clients, the processes crashes if loosing VPN Connection.
Configurable would be best for all requester here.
XG Fan commented
a technical explanation for the hardcoding of the 4 hour interval in the context of ipsec negotiation would be helpful. Sophos Connect is slated to gain SSL vpn functionality in a future version. Maybe the limit on the OTP interval will change at that point?
FYI, you can increase it to 5 hours by modifying the config file. The hardcoded value of 18000 seconds is in IPsec policy being used for remote access.