Authentication Settings
In Authentication Settings of Global Properties> Remote Access> Endpoint Connect, you can enable a password cache and define timeouts for password retention and re-authentication.
To configure authentication settings:
-
Enable password caching
-
No (default) requires users to enter a password whenever they connect.
-
Yesretains the user password in a cache for a specified period.
-
-
Cache password for - Password retention period in minutes (default = 1440), if password caching is enabled.
|
Note - For security reasons, the cache is cleared when the user explicitly disconnects, even if the cache period has not ended. The cache is useful for re-authentications and automatic connections triggered by the Always-Connect feature. |
-
Re-authenticate - Authentication timeout in minutes (default is 480 minutes), after which users must re-authenticate the current connection.
By default the re-authentication warning shows five minutes before the authentication timeout expires. To change the time, use the
reauth_grace_period
parameter in the file on the Security Gateway or in thetrac.defaults
(refer to The Configuration File):trac_client_1.ttm
Copy:reauth_grace_period (
:gateway (
:default (10)
)
)trac.defaults
reauth_grace_period
INT
10
GW_USER
0
The Re-authentication warning window does not show:
-
Earlier that two minutes from the VPN session start
-
Later than five minutes before the VPN session ends
If the administrator defines incorrect values, the default "five minutes" is used.
-
Caching and OneCheck User Settings - In SmartEndpoint-managed clients, if you have OneCheck User Settings enabled, see the OneCheck User Settings in the Endpoint Security Administration Guide.