CloudFlare ZeroTrust tunnel with cloudflared not timeouting

mikko1 · August 11, 2023, 8:25am

Hi,

I am having an issue that ZeroTrust tunnels do not work as advertised and would need a pointer here.

I have set up an SSH tunnel according to Cloudflare ZeroTrust tutorial (no link here, please make your forum settings more user friendly)
I have set up Global Session Timeout to 24h in ZeroTrust settings
However, despite 24 passed, I am not prompted to re-authenticate, and the tunnel from my local computer is still active

This is a security risk because long-lasting or never expiring sessions can be more easily hijacked than those that re-authenticate regularly.

What is the way to make sure cloudflared tunnel sessions need to be re-authenticated regularly? E.g. the user needs to perform cloudflared login on a local computer or similar action.

Cyb3r-Jak3 · August 11, 2023, 12:32pm

Are you looking for the tunnel itself to expire or users connecting to have to relogin?

mikko1 · August 11, 2023, 1:30pm

A good question.

Users would need to relogin to access the server(s) again
The server should maintain the tunnel without manual intervention