open-connect: T4274: extend RADIUS authentication timeout

RADIUS authentication can be handled by a variety of mechanisms,
including proxy for 2FA systems requiring user interaction with a
separate device, token acquisition, or other time-consuming action.

Given the delays required for certain 2FA implementations, a thirty
second timeout can range from onerous to untenable. Accomodate the
2FA time requirements by extending the hard-coded RADIUS time limit
from 30 seconds to 240.

Co-authored-by: RageLtMan <rageltman [at] sempervictus>

1 files changed, 4 insertions, 4 deletions

diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in
index 3fc34bacc..f418f5d75 100644
--- a/interface-definitions/vpn_openconnect.xml.in
+++ b/interface-definitions/vpn_openconnect.xml.in
@@ -40,13 +40,13 @@
                     <properties>
                       <help>Session timeout</help>
                       <valueHelp>
-                        <format>u32:1-30</format>
-                        <description>Session timeout in seconds</description>
+                        <format>u32:1-240</format>
+                        <description>Session timeout in seconds (default: 2)</description>
                       </valueHelp>
                       <constraint>
-                        <validator name="numeric" argument="--range 1-30"/>
+                        <validator name="numeric" argument="--range 1-240"/>
                       </constraint>
-                      <constraintErrorMessage>Timeout must be between 1 and 30 seconds</constraintErrorMessage>
+                      <constraintErrorMessage>Timeout must be between 1 and 240 seconds</constraintErrorMessage>
                     </properties>
                     <defaultValue>2</defaultValue>
                   </leafNode>