Hi all, We're using ocserv with 2 factor authentication (LDAP and Duo, very similar to what is described here https://ocserv.gitlab.io/www/recipes-ocserv-2fa.html#Duo). I found out that on a single ocserv server, when a login process is in progress for a user and waiting for Duo user's approval on a smartphone, ocserv is not able to handle a second user authentication during this period, and it has to wait for the first authentication to end. Login process for this 2nd user will never prompt and the connection will just be aborted after a few seconds. This is not a big issue when we deal with a low amount of users, as probability to have 2 or more users connecting at the same time is very low, but it could be very annoying at scale, if we deal with hundreds of users. A user authenticating and taking too much time to approve his/her Duo access will prevent others from connecting. Has anyone experienced a similar issue ? Is it due to ocserv design ? Maybe not allowing parallelism in user authentication ? Thanks for your help. Florian D. _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
