• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Company · Blog · Newsletter · Events · Partner Program

Downloads      Support      Security     Admin Login
Rublon

Rublon

Secure Remote Access

  • Product
    • Regulatory Compliance
    • Use Cases
    • Rublon Reviews
    • Authentication Basics
    • What is MFA?
    • Importance of MFA
    • User Experience
    • Authentication Methods
    • Rublon Authenticator
    • Remembered Devices
    • Logs
    • Single Sign-On
    • Access Policies
    • Directory Sync
  • Solutions
    • MFA for Remote Desktop
    • MFA for Remote Access Software
    • MFA for Windows Logon
    • MFA for Linux
    • MFA for Active Directory
    • MFA for LDAP
    • MFA for RADIUS
    • MFA for SAML
    • MFA for RemoteApp
    • MFA for Workgroup Accounts
    • MFA for Entra ID
  • Customers
  • Industries
    • Financial Services
    • Investment Funds
    • Retail
    • Technology
    • Healthcare
    • Legal
    • Education
    • Government
  • Pricing
  • Docs
Contact Sales Free Trial

Rublon 2FA for OpenVPN – FAQ

February 19, 2021 By Rublon Authors

Last updated on September 18, 2024

OpenVPN FAQ

Why am I not able to establish a VPN connection?

Make sure you have configured an appropriate Firewall rule under Firewall → Rules.

Why am I getting a Mobile Push login request from Rublon after OpenVPN authentication times out?

If you receive a Mobile Push or Email Link login request from Rublon right after your login attempt was rejected by OpenVPN, set AUTH_TIMEOUT in Rublon Authentication Proxy’s config file to be slightly longer than Authentication Timeout in the form, for example:

Authentication Timeout: 60
AUTH_TIMEOUT: 90

This ensures no pushes or emails are sent for already rejected logins.

I’m asked to reauthenticate after some time.

You probably forgot to set the reneg-sec n option (or the value you set does not fit your needs). The reneg-sec n option allows you to change the time (in seconds) after which a data channel key renegotiation happens. Set to reneg-sec 0 to never have to authenticate again as long as you don’t disconnect. Setting the option to 0 should fix the issue. If you do not want to generate and export a new OpenVPN configuration file again, you can edit your OpenVPN configuration file manually:

1. Go to your OpenVPN configuration file directory (C:\Program Files\OpenVPN\config by default) and open your configuration file (*.ovpn). Note that you are going to need administrator privileges to change the file, so run the file as administrator.
2. Add the following line to the end of the file: reneg-sec 0. If your file already contains a reneg-sec n option, change its value to 0.
3. Save the file.
4. Note that for these changes to work there needs to be reneg-sec 0 set on the OpenVPN server side too.

Why do I receive another Mobile Push/Email Link although I already approved the 2FA challenge?

This usually happens when 2FA is accepted during OpenVPN’s connect-retry time. Change the hand-window option inside OpenVPN’s config to a higher value (default is 60, we recommend 120 seconds), and make sure this value is higher by at least 10 seconds than the AUTH_TIMEOUT set in Rublon Authentication Proxy (default: 90 seconds).

Related Posts

Rublon 2FA for OpenVPN with pfSense

Filed Under: Documentation

Primary Sidebar

Contents

  • OpenVPN FAQ
    • Why am I not able to establish a VPN connection?
    • Why am I getting a Mobile Push login request from Rublon after OpenVPN authentication times out?
    • I’m asked to reauthenticate after some time.
    • Why do I receive another Mobile Push/Email Link although I already approved the 2FA challenge?
  • Related Posts
Try Rublon for Free
Start your 30-day Rublon Trial to secure your employees using multi-factor authentication.
No Credit Card Required


Footer

Product

  • Regulatory Compliance
  • Use Cases
  • Rublon Reviews
  • Authentication Basics
  • What is MFA?
  • Importance of MFA
  • User Experience
  • Authentication Methods
  • Rublon Authenticator
  • Remembered Devices
  • Logs
  • Single Sign-On
  • Access Policies
  • Directory Sync

Solutions

  • MFA for Remote Desktop
  • MFA for Windows Logon
  • MFA for Remote Access Software
  • MFA for Linux
  • MFA for Active Directory
  • MFA for LDAP
  • MFA for RADIUS
  • MFA for SAML
  • MFA for RemoteApp
  • MFA for Workgroup Accounts
  • MFA for Entra ID

Industries

  • Financial Services
  • Investment Funds
  • Retail
  • Technology
  • Healthcare
  • Legal
  • Education
  • Government

Documentation

  • 2FA for Windows & RDP
  • 2FA for RDS
  • 2FA for RD Gateway
  • 2FA for RD Web Access
  • 2FA for SSH
  • 2FA for OpenVPN
  • 2FA for SonicWall VPN
  • 2FA for Cisco VPN
  • 2FA for Office 365

Support

  • Knowledge Base
  • FAQ
  • System Status

About

  • About Us
  • Blog
  • Events
  • Co-funded by the European Union
  • Contact Us

  • Facebook
  • GitHub
  • LinkedIn
  • Twitter
  • YouTube

© 2025 Rublon · Imprint · Legal & Privacy · Security

  • English