SSL VPN Radius with 2factor timout

Question

In Sophos XG, is there any way to increase the timeout for radius servers? 
 I'm having problems using SSL VPN authentication with radius when using 2-factor. If I bypass 2factor, I'm logging in fine. 
 If I enable 2factor, it seems to timeout and I get a second credential prompt before I get to accept the first request, rendering my first request invalid. 
 I've seen this question before and the answer was that the timout is hard coded. However that was a old thread: 
 http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/2812151-authentication-configurable-radius-timeout 
 
 Maybe things have changed?

FloSupport · Accepted Answer

Hi mlawrence 
 [Update] This is a feature ( NC-38557 ) that is planned for SFOS v18, apologies for any inconveniences caused. 
 Regards,

David Ballagh · Answer

I have a further update and a correction from support: 
 
 The fix for NC-8393 will be available in version 17.2 which is due to be released between September or October of this year (2018). Version 17.1 is coming out in the summer but won't have this feature. As for the workaround provided, Google Authenticator is apparently one way to go but saying that the firewall could also be used was a typo. Instead the support engineer meant that One-Time Password could be used in place of multi-factor authentication. OTP can be used for WebAdmin, User Portal, SSL and IPSEC remote access.

sachingurung · Answer

Hi Andre, 
 The feature to configure access server timeout is considered in the ID NC-8393 . It will be added in the future firmware releases. 
 Thanks

sachingurung · Answer

Hi All, 
 The feature is pending and unfortunately, v16 will not see the feature. We have a buffer full of feature requests and the developers will consider these requests on the account of Votes it receives. Please cast your votes and raise a support case to push the development team to prioritize it. I'll start a group conversation for this request and try to prioritize it. 
 Thanks

Chris Shipley · Answer

I hope that's not the only metric you're using to roll requests into future firmware updates. This seems like a critical bug, not a feature request. How do you get them reclassified? People can't even login because there's no way to set the timer and your partners are losing business because of it. Relying on votes for this seems counter intuitive.