The VPN client or server shall implement an authentication timeout that requires periodic re-authentication of the user for active sessions.
The VPN client, server, or other node shall implement an authentication timeout that requires periodic re-authentication of the user for active sessions.
* Test: configure the authentication timeout and establish a VPN connection; after the configured authentication timeout interval, attempt to send traffic via the VPN connection
* Result: no traffic is transmitted until the user has re-authenticated
* Documentation: log messages showing VPN connection establishment, disconnection and re-authentication; packet capture with timestamps synchronized with log messages
* Reference: TR-AUTH
* Objective: Protect VPN connection from unauthorized use
* Preparation: Configure the authentication timeout
* Activities: Establish a VPN connection; after the configured authentication timeout interval, attempt to send traffic via the VPN connection
* Verdict: No traffic is transmitted through the VPN connection => PASS, otherwise FAIL
* Evidence: Log messages showing VPN connection establishment, authentication timeout or disconnection; packet capture with timestamps synchronized with log messages
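
An added example, not part of the original requirement text: one way to turn the Evidence items above into the PASS/FAIL verdict by checking every captured packet against the windows in which the user was authenticated. The log line format, the event names and all sample timestamps are constructed assumptions, and the packet timestamps are assumed to be tunnelled user traffic with control-channel (re-authentication) packets already filtered out.

```python
from datetime import datetime, timedelta

AUTH_EVENTS = {"SESSION_ESTABLISHED", "REAUTH_SUCCESS"}  # assumed event names
END_EVENTS = {"DISCONNECTED"}                            # assumed event name

# Constructed sample evidence (not taken from a real device).
LOG = """\
2024-05-01T10:00:00 SESSION_ESTABLISHED user=alice
2024-05-01T10:10:00 AUTH_TIMEOUT user=alice
2024-05-01T10:12:30 REAUTH_SUCCESS user=alice
2024-05-01T10:15:00 DISCONNECTED user=alice
"""
PACKETS_PASS = ["2024-05-01T10:05:00", "2024-05-01T10:13:00"]
PACKETS_FAIL = ["2024-05-01T10:05:00", "2024-05-01T10:11:15",
                "2024-05-01T10:13:00"]

def parse_log(text):
    """Return sorted (timestamp, event) pairs from 'ISO-time EVENT ...' lines."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ts, event = line.split()[:2]
            events.append((datetime.fromisoformat(ts), event))
    return sorted(events)

def authorized_windows(events, timeout_s):
    """Each (re-)authentication opens a window that closes at the configured
    timeout, or earlier if the session re-authenticates or disconnects.
    Windows come from the configured interval, not from the device's own
    AUTH_TIMEOUT log line, so a missing or late timeout is still detected."""
    windows = []
    for i, (ts, event) in enumerate(events):
        if event not in AUTH_EVENTS:
            continue
        end = ts + timedelta(seconds=timeout_s)
        for later_ts, later_event in events[i + 1:]:
            if later_event in AUTH_EVENTS | END_EVENTS:
                end = min(end, later_ts)
                break
        windows.append((ts, end))
    return windows

def verdict(log_text, packet_times, timeout_s, skew_s=1.0):
    """PASS if every tunnelled packet falls inside an authorized window;
    skew_s tolerates residual clock offset between log and capture."""
    windows = authorized_windows(parse_log(log_text), timeout_s)
    skew = timedelta(seconds=skew_s)
    violations = [p for p in map(datetime.fromisoformat, packet_times)
                  if not any(s - skew <= p < e + skew for s, e in windows)]
    return ("FAIL" if violations else "PASS"), violations
```
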