CloudFlare ZeroTrust tunnel with cloudflared not timeouting


I am having an issue that ZeroTrust tunnels do not work as advertised and would need a pointer here.

  • I have set up an SSH tunnel according to Cloudflare ZeroTrust tutorial (no link here, please make your forum settings more user friendly)
  • I have set up Global Session Timeout to 24h in ZeroTrust settings
  • However, despite 24 passed, I am not prompted to re-authenticate, and the tunnel from my local computer is still active

This is a security risk because long-lasting or never expiring sessions can be more easily hijacked than those that re-authenticate regularly.

What is the way to make sure cloudflared tunnel sessions need to be re-authenticated regularly? E.g. the user needs to perform cloudflared login on a local computer or similar action.

1 Like

Are you looking for the tunnel itself to expire or users connecting to have to relogin?

1 Like

A good question.

  • Users would need to relogin to access the server(s) again
  • The server should maintain the tunnel without manual intervention