Hi All. We have an Azure on-premises MFA Server that is used as a second factor authentication for our Cisco Anyconnect remote access VPN logins. The clients have the option to either authenticate using SMS or third party hardware OATH tokens as a second authentication after providing domain credentials. Once they successfully authenticate they are not asked for second factor authentication for 2 hours (SMS) or 4 hours (hardware OATH token) - so they can disconnect and login successfully from anywhere in this time while their token is still valid.
I would like to ask if there is a way I can edit the lifetime of these tokens ( not sure using the correct terminology here). So lets say they need to re-authenticate using second factor 30 mins after successful login?
I am aware there are some options available for cloud based Azure AD MFA but please note that I need a solution for on-premises standalone Microsoft MFA server.
Many thanks.