Users seem to be randomly locked out of their Okta. Is there an easy way to monitor the traffic between Okta and the Pritunl admin server to see if additional login attempts are being made? Could this be an issue with the auto reconnect feature?
If push authentication is used without authentication cache and reconnection is enabled it will most likely cause account lockouts. The user will experience unexpected push authentication requests which if denied can lock the account. The client should stop automatically reconnecting after 1 failed authentication attempt. Authentication cache can be enabled in the top right settings.