Create a Post
bookman
Contributor

Checkpoint - Load balancing Azure MFA NPS Radius for VPN service via GTM

Hi All ,

 

We have a requirement to load balance the MFA requests to NPS Radius server ( backed by Azure server ) via GTM load balancer.

 

The setup looks like this

VPN User >> Checkpoint ( acts has 1FA ) >> GTM >> 1st NPS radius server or 2nd NPS radius server ( based on their availability and both the NPS radius servers have Azure in the backend serves has MFA )

Attached is the image for the same.

Can someone please advise if this works from the Checkpoint side , what are the limitations on the Checkpoint GW to configure this setup and does checkpoint supports this architecture .

 

Appreciate any feedback . Thanks.

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

The gateway can actually query multiple RADIUS servers directly if so configured.
I'm not sure why you need to explicitly use a load balancer for this, though I don't see any reason why it wouldn't work.

0 Kudos
bookman
Contributor

Hi @PhoneBoy  ,

 

Thanks for your response.

 
Infact we have a setup with Multiple radius servers configured currently and We have observed one of the Radius server getting high load and delay in response and that's the reason we are planning to go with this setup.
 
Wondering if deploying Load balancer in between Checkpoint gateway and Radius servers will work properly and don't have any limitations.
 
Thanks in advance.

 

0 Kudos
PhoneBoy
Admin
Admin

Don't believe it's something we've explicitly tested.

0 Kudos
bookman
Contributor

Thanks for your prompt response.

 

You mean to say the setup  will work without any issues ?

0 Kudos