This indicates the auth failed, which makes sense as we use radius with 2fa code added with the password.
My query is the client has no indication that the connection was interrupted in the logs , so why is the reauth happening? Wireguard by nature is connectionless , is this related to the WG ping and timeout setting in the server?
Auto reconnect is disabled, yet an auth was sent to the radius server.
This affects our 2fa keys which have a max fail counter
is there a doc page that explains the pritunl wireguard connection lifecycle
Edit: what confuses me more is I can simulate a “connection break” by switching to my 2nd isp , but this does not trigger the above reauth
There is connection management in the Pritunl client and server for WireGuard connections. This is documented in the WireGuard documentation section.
For both OpenVPN and WireGuard connections an authentication verification is done every hour. This would disconnect existing connections in the event that the single sign-on user no longer had valid status with the single sign-on provider. This can be disabled by running sudo pritunl set app.sso_connection_check false.