UTM 9 using Sophos IPSec Client and OTP....VPN re-key causes session to drop

Question

Hi All, 
 Currently using UTM 9.4 with the Sophos IPSec Client and OTP authentication. 
 We are experiencing an issue where after 90mins usage the VPN drops during re-key with a username/password failure. 
 The users are using OTP for auth. 
 If we take them off OTP and use a static password then they session happily runs for hours on end without issue. 
 Anybody got any ideas on how to get OTP to even prompt for a password re-entry during re-key. 
 
 Thanks

Padraig O'Reilly · Answer

Hi All, 
 What I am experiencing is confirmed by support as a limitation of the UTM when using an IPSec tunnel. 
 Using OTP for Xauth will result in the tunnel dropping during re-key. 
 The only option is not to use OTP. 
 SSL VPNs are not affected by this issue.