https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80673#M10909 <P>Tagging&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/181">@_Val_</a>,&nbsp;we probably need to treat this as a whitepaper.</P> Thu, 02 Apr 2020 21:35:39 GMT PhoneBoy 2020-04-02T21:35:39Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80371#M10908 <P>Hi Folks,</P> <P>&nbsp;</P> <P>Well this is my first post here, figured I would create a quick document for a few of my customers but there has been a wider interest in it as well.</P> <P>&nbsp;</P> <OL> <LI>Create new public DNS domain</LI> <LI>Added domain as a “Custom domain name” in AzureAD</LI> <LI>Created 2019 AD domain on prem</LI> <LI>Installed NPS onto AD server</LI> <LI>** STOP AND TEST RADIUS **</LI> <LI>Installed Azure AD Connect and began AD sync to cloud</LI> <LI>Installed “Network Policy Server extension for Azure” on top of NPS</LI> <LI>Test</LI> </OL> <P>The way I have it setup is the gateway sends a RADIUS request to MS NPS, NPS auths’s against AD, if successful NPS will send it to AzureAD for OTP creation, MS will then send the OTP via SMS or email to the end user.</P> <P>&nbsp;</P> <P><SPAN>For the full list of White Papers,&nbsp;</SPAN><A href="https://community.checkpoint.com/t5/General-Topics/White-Papers-Publishing-Project/m-p/53242#M10603" target="_blank" rel="noopener">go here</A><SPAN>.&nbsp;</SPAN></P> <P>This is tested with a 750 running latest code as the gateway, SecureClient on the user PC and Capsule VPN on windows10</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>happy to answer questions or provide more info if needed.</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 03 Apr 2020 09:40:01 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80371#M10908 Jonathan_James 2020-04-03T09:40:01Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80673#M10909 <P>Tagging&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/181">@_Val_</a>,&nbsp;we probably need to treat this as a whitepaper.</P> Thu, 02 Apr 2020 21:35:39 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80673#M10909 PhoneBoy 2020-04-02T21:35:39Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80729#M10910 <P>Yes, master, it is a white paper now</P> Fri, 03 Apr 2020 09:38:11 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/80729#M10910 _Val_ 2020-04-03T09:38:11Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/84845#M10911 <P>Hello everyone,</P><P>can someone explain me the option on the Radius settings?</P><P><SPAN>&nbsp;"Ask user for password (will be used to automatically answer the first challenge)".</SPAN></P><P>we are planning to do the same config on SMB devices too and there I dont have this option.</P><P>Thanks in advance.</P> Mon, 11 May 2020 14:25:30 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/84845#M10911 JT_Roomspace 2020-05-11T14:25:30Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/84846#M10912 Hello everyone,<BR /><BR />can someone please explain me this option on the Radius setting.<BR />"Ask user for password (will be used to automatically answer the first challenge)".<BR />Im trying to setup a SMB device and dont have this option.<BR /><BR />thanks in advance Mon, 11 May 2020 14:29:23 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/White-Paper-How-to-configure-C2S-VPN-with-AzureAD-and-2FA/m-p/84846#M10912 JT_Roomspace 2020-05-11T14:29:23Z