Resilient connection: why the tunnel doesn't drop when your session expires

May 14, 2026 5 min read

sessiontunnelresiliencetibiarubinot

Ever wondered what happens if the PingArmor authentication server becomes unstable while you’re mid-hunt? Or if your password gets changed on another device during a match?

Short answer: the tunnel keeps working. The long answer is interesting.

Two independent layers

PingArmor keeps two things running at the same time, and they’re separated by design:

The tunnel — the encrypted connection that protects your game from internet fluctuations. It’s the heart of the product.
The session — the “login” that proves you’re an active subscriber. Renewed every 30 seconds.

Separation matters: when one of the two has a problem, the other keeps going. You never lose your character over an administrative detail.

If the authentication server gets unstable (your internet wobbled, or the server had a micro-glitch), a yellow banner appears:

Reconnecting to the authentication server

Attempt 2 — tunnel kept active.

What happens behind the scenes:

The app retries with increasing intervals: 30 seconds, 1 minute, 2 minutes, 5 minutes.
The tunnel is not touched. You keep playing.
When it reconnects, the banner disappears on its own and a discreet notification appears in the Windows tray (“Connection restored”).

You don’t need to do anything. If the issue persists, it’s more likely your internet — check that before assuming the app has a problem.

If the server explicitly rejected your session (for various reasons), a red banner appears with a countdown:

Session lost

Session invalidated by the server.

Shutting down in 09:30

The 6 possible reasons:

Reason	When it happens	Tolerance window
Session invalidated	Login from another PC, or admin revoked your session	10 minutes (auto-extended if a game is open, up to 30 min)
Account disabled	Administrator suspended your account	1 minute, no extension
License expired	Your subscription ended	10 minutes, no extension
Password changed	You changed the password on another device or on the website	1 minute, no extension
Token expired	Your session reached the 30-day limit	10 minutes (auto-extended if a game is open, up to 30 min)
Token invalid	App configuration was corrupted	No tolerance — logs out immediately

The banner shows which reason applied. In all cases except “token invalid”, you have a few minutes to click RE-AUTHENTICATE and return to normal.

Clicking RE-AUTHENTICATE opens a quick window asking for your password (and 2FA code if applicable):

Re-authenticate

Password TOTP code (if applicable)

Your session is renewed immediately, the banner disappears, and the tunnel stays active — no disconnect from the game.

The special 30-minute rule

This is the most interesting part. When the reason is “Session invalidated” and you’re playing, PingArmor is particularly patient:

Session lost

Session invalidated by the server.

Shutting down in 24:48

Tunnel kept active — game detected. Re-authenticate before closing your connection.

It starts at 10 minutes. If the countdown reaches zero while you’re still playing, the app automatically extends by 5 more minutes, displays the yellow line “Tunnel kept active — game detected”, and notifies you via a Windows tray balloon. This can happen up to 4 times.

Absolute total: 30 minutes. Enough time to finish your hunt and re-authenticate calmly. On the last extension, a highlighted red warning appears: “Last extension — tunnel will be shut down.” — after that, even with a game open, the tunnel goes down.

Why this limit?

30 minutes is the balance between protection and abuse. If we allowed infinite extensions, someone could stay offline from their account indefinitely while playing. 30 minutes is more than enough to finish what you’re doing and handle the administrative side.

A trick that doesn’t work

Closing and reopening the app to reset the countdown doesn’t help. PingArmor saves the moment the issue started. If you reopen after the 30 minutes, it logs out immediately without giving new tolerance. That protection guarantees the limit is real.

Trust device: skip the TOTP

If you use 2FA (TOTP), typing the code every time is annoying. That’s why the TOTP screen has a “Trust this device for 30 days” checkbox:

Trust this device for 30 days Do not prompt for TOTP again on this computer.

Check the box once, and the next logins from the same PC skip directly to the dashboard without asking for a code. The timer is renewed at each login.

Security: if you change your password, disable TOTP, or use “forgot password”, trust is automatically cleared. The next login requires the code again — no loopholes.

Philosophy

Behind all this lies a clear product decision: protecting your game is what matters. Account, payment, session issues are annoying but shouldn’t drop you mid-match. PingArmor gives you reasonable time to resolve them, and only disconnects when there’s truly no other way. In parallel, there’s always a button at hand to solve it on the spot.

It’s the same philosophy as automatic failover (when one internet drops, the other takes over without you noticing) and the specific /32 routes (surgical protection without affecting the rest of the network).

Got questions? Check the updated FAQ or reach us at [email protected].

Protect your connection now

Try PingArmor free for 3 days. No credit card required.

Try free for 3 days