diff options
| author | RageLtMan <sempervictus@users.noreply.github.com> | 2022-02-28 08:32:30 -0500 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-28 14:32:30 +0100 | 
| commit | 257345cd152c23a465332dea4af034244007aaa7 (patch) | |
| tree | ca4c2a1959a360d7c4f376bcefc0de38a36b9a1d | |
| parent | 61fa1c95164e4222e79b078b1a796f41397e0ee3 (diff) | |
| download | vyos-1x-257345cd152c23a465332dea4af034244007aaa7.tar.gz vyos-1x-257345cd152c23a465332dea4af034244007aaa7.zip | |
open-connect: T4274: extend RADIUS authentication timeout
RADIUS authentication can be handled by a variety of mechanisms,
including proxy for 2FA systems requiring user interaction with a
separate device, token acquisition, or other time-consuming action.
Given the delays required for certain 2FA implementations, a thirty
second timeout can range from onerous to untenable. Accomodate the
2FA time requirements by extending the hard-coded RADIUS time limit
from 30 seconds to 240.
Co-authored-by: RageLtMan <rageltman [at] sempervictus>
| -rw-r--r-- | interface-definitions/vpn_openconnect.xml.in | 8 | 
1 files changed, 4 insertions, 4 deletions
| diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in index 3fc34bacc..f418f5d75 100644 --- a/interface-definitions/vpn_openconnect.xml.in +++ b/interface-definitions/vpn_openconnect.xml.in @@ -40,13 +40,13 @@                      <properties>                        <help>Session timeout</help>                        <valueHelp> -                        <format>u32:1-30</format> -                        <description>Session timeout in seconds</description> +                        <format>u32:1-240</format> +                        <description>Session timeout in seconds (default: 2)</description>                        </valueHelp>                        <constraint> -                        <validator name="numeric" argument="--range 1-30"/> +                        <validator name="numeric" argument="--range 1-240"/>                        </constraint> -                      <constraintErrorMessage>Timeout must be between 1 and 30 seconds</constraintErrorMessage> +                      <constraintErrorMessage>Timeout must be between 1 and 240 seconds</constraintErrorMessage>                      </properties>                      <defaultValue>2</defaultValue>                    </leafNode> | 
