Two Factor, 2FA has issues when client set to auto reconnect

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
dsholm
Posts: 13
Joined: Mon Nov 22, 2021 4:54 pm
Contact:

Two Factor, 2FA has issues when client set to auto reconnect

Post by dsholm » Tue May 10, 2022 1:18 pm

We use Duo and have it set up with their RADIUS proxy service. That is all fully functional.

The problem is when clients are set to auto reconnect (such as connection dropped, etc.). Right now it seems we need to turn this off because it appears to send MULTIPLE requests at once. In fact, in the Duo proxy logs, I see just that and it seems to remove most of the duplicate attempts but some make it through. This problem occurs when the system goes to sleep or locked.

The client disconnects/reconnects for unknown reasons but then the push is sent to the phone. Even if I have the timeout set to something like 60s it will still fire multiple auth attempts. It will specifically do this when returning from sleep, it seems to fire off missed events rapidly and if Duo thinks its nefarious, it will disable the account and then we have to unlock it.

I feel the client needs an adjustment, when returning from sleep, either send only one request or none, not all missing events.

Post Reply