https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79181#M11136 As far as I know, no.<BR />You don't necessarily want to make the re-authenticate user option long, but you can cache the password on the client for longer.<BR />Or use certificate-based authentication and have the certificate installed in the OS certificate store.<BR />That should effectively keep the user connected for as long as they're logged in. Sun, 22 Mar 2020 05:59:29 GMT PhoneBoy 2020-03-22T05:59:29Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/78867#M11135 <P>Is it possible to disable re-authentication for Mobile Access and other VPN clients? I see the option to set the re-authentication timer in the Global Properties, but not sure if setting this to 0 will disable re-authetnication, or if there is an actual method. Currently it's set to 720 minutes (12 hours)</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="2020-03-19_16h43_34.png" style="width: 492px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/4906i9D5E405A13A3D7B8/image-size/large?v=v2&amp;px=999" role="button" title="2020-03-19_16h43_34.png" alt="2020-03-19_16h43_34.png" /></span></P> Thu, 19 Mar 2020 20:44:31 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/78867#M11135 NorthernNetGuy 2020-03-19T20:44:31Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79181#M11136 As far as I know, no.<BR />You don't necessarily want to make the re-authenticate user option long, but you can cache the password on the client for longer.<BR />Or use certificate-based authentication and have the certificate installed in the OS certificate store.<BR />That should effectively keep the user connected for as long as they're logged in. Sun, 22 Mar 2020 05:59:29 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79181#M11136 PhoneBoy 2020-03-22T05:59:29Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79217#M11137 <P>That's unfortunate. The problem with the client re-authenticating for us is that we have two factor authentication.</P><P>If a user forgets to log out of VPN, they will receive a two factor authentication prompt when the VPN re-authentication occurs, which they mark as a fraudulent access attempt. A manual re-authentication would be preferred.</P> Sun, 22 Mar 2020 12:33:22 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79217#M11137 NorthernNetGuy 2020-03-22T12:33:22Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79245#M11138 I think, but I'm not sure, that this is also tied to the rekey of the underlying IPsec connection, which definitely cannot be unlimited (nor is it recommended to be).<BR />In any case, it's generally recommended for security reasons to periodically reauthenticate. Sun, 22 Mar 2020 20:31:56 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/VPN-disable-reauthenticate/m-p/79245#M11138 PhoneBoy 2020-03-22T20:31:56Z