cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Good Day to all,

                         we currently have our checkpoint endpoint vpn authentication which uses username, password and dynamicid which sends an sms to the user in order to complete the logon.

We would like to change the dynamicid portion to Microsoft's two factor authentication. I am aware that a radius server is needed for this, however is there an sk or guide which can help us out on how checkpoint can be configured for this?

Thanks in advance.

7 Replies
Alex_Gilis
Copper

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

0 Kudos
Employee+
Employee+

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Further to the relevant sections of the admin guide please see:

sk114263: Can an Azure Multi-Factor Authentication Server be used as a RADIUS server for Mobile Access authentication?

0 Kudos

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Thank you for your guides will have a look at them.

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Hello, curious if you succeeded in this configuration. I am on it as well with the aim of replacing an RSA AuthMgr.

Simo

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Hi sorry for the late reply, we still haven't got on it yet but will let you know once we get it up and running.

0 Kudos

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Hello


Did you finally configure it?

BR,

Kostas

0 Kudos

Re: Checkpoint endpoint VPN with Microsoft 2-Factor Authentication.

Hello,

fyi  this setup implies:

1) download a RADIUS proxy VM from Microsoft and configure it to talk to our Azure tenancy MFA instance

2) point checkpoint to that internal RADIUS proxy as a MFA provider

 

I was expecting a more direct connection i.e. Checkpoint to my Azure MFA tenancy directly, but it is not the case.

I have not yet investigated aspects like: how does the system behave if Azure MFA is down or not reachable etc? Are there emergency connection procedures etc?

 

Best regards,

Simone

 

0 Kudos