https://community.checkpoint.com/t5/SASE-and-Remote-Access/Cache-2FA-OTP-challenge/m-p/157079#M6293 <P>Even if the client cached the OTP, it’s be different by the time it’s needed again.<BR />Possible if you integrate with SAML instead of RADIUS you can achieve what you’re after.</P> Mon, 12 Sep 2022 17:50:04 GMT PhoneBoy 2022-09-12T17:50:04Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Cache-2FA-OTP-challenge/m-p/157067#M6292 <P>Hello,</P><P>&nbsp;</P><P>We've successfully deployed a 2FA for remote access users like in this post: <A href="https://community.checkpoint.com/t5/General-Topics/MFA-with-Google-Authenticator/m-p/39456#M8416" target="_blank">https://community.checkpoint.com/t5/General-Topics/MFA-with-Google-Authenticator/m-p/39456#M8416</A></P><P>&nbsp;</P><P>We are using google authenticator compatible tokens for all users but every time they try to login into the VPN they are asked for the challenge (OTP PIN). Is there any way to configure the CheckPoint gateway to remember a previous successful authentication for 4 hours for example?</P><P>&nbsp;</P><P>&nbsp;</P><P>Thanks.</P> Mon, 12 Sep 2022 14:38:15 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Cache-2FA-OTP-challenge/m-p/157067#M6292 jgarcias 2022-09-12T14:38:15Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Cache-2FA-OTP-challenge/m-p/157079#M6293 <P>Even if the client cached the OTP, it’s be different by the time it’s needed again.<BR />Possible if you integrate with SAML instead of RADIUS you can achieve what you’re after.</P> Mon, 12 Sep 2022 17:50:04 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Cache-2FA-OTP-challenge/m-p/157079#M6293 PhoneBoy 2022-09-12T17:50:04Z