I plan to set a connection expiration time that forces users to re-type their password. I don't use MFA. I have a OpenVPN server that is built in PFSense + OpenVPN Connect client v3.3.7 for Windows. Initially I tried to make use of the following options in the .ovpn configuration file:
Code: Select all
auth-nocache
reneg-sec 3600
ping 10
ping-restart 60
UNUSED OPTIONS
1 [auth-nocache]
As of a result, I can verify by the log that the renegotiation is happening as intended, but the users is not prompted to re-type their password in that process.
Has auth-nocache been deprecated in version 3.X? Are you aware of any other way to set a effective connection expiration time that will require the user to re-enter its credentials?
Best regards,
C.