![]() The overall session expiration is set to nearly 24 hours - after that time a new TLS key can’t be obtained using the session token and the VPN session ends when the TLS key’s usefulness expires. The lifetime of a session token is twice the TLS key refresh value. This is important to understand and configure the session timeout correctly.īy default Access Server will force a TLS key refresh every six hours. Normal successful authentication or a successful session token authentication is required to obtain a TLS encryption key. Session lifetime and expiration settingsĪn active VPN session can continue as long as the current TLS encryption key is valid. If validation fails on any of these points the session is ended and the user must go through the authentication phase again in order to establish a VPN connection. The new session token has an updated creation timestamp. The server provides a new session token to the VPN client that retains the same original session-start timestamp. ![]() Once validation passes on all points, the server and client agree on new encryption keys and allow the session to resume. If not explicitly set, this defaults to a period of 12 hours (2圆 hours).
0 Comments
Leave a Reply. |