2 Factor Authentication

Stefan Paetow Stefan.Paetow at jisc.ac.uk
Thu Jan 5 14:14:27 CET 2017

>I'm not aware of any timing limitations (as with the SSLVPN I can even
>for 30s using the same 2nd authentication as for L2TP) - the whole chain
>(firewall-Nps-Freeradius) has minimum 30s timeout configured.

Ok... If 30 seconds is not enough, that is a bit of a concern.

>With 'Sleep 3' it is still connected successfully - anything above 3
>seconds just makes the L2TP VPN connection unsuccessful.
>Checked in the firewall - timeout is 90s.

You might want to check what the complete end-to-end timing is...

Stefan Paetow
Moonshot Industry & Research Liaison Coordinator

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet


Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.


More information about the Freeradius-Users mailing list