cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

2-Factor Authentication in CheckPoint with smtp.Office365.com

Dear CheckMates,

I would like to get some inputs on the below.

1. In CheckPoint GW R77.30 managed by R80.10 Mgmt server - MobileBlade configured.

2. Configured 2FA for DynamicId

3. SMTP server is Office365  (smtp.office365.com)

4. Once username, pwd entered - getting error: "Failed to send SMS parameter, please contact administrator."

5. When checked with Office365 team, they replied that any "FROM" mail sent from CheckPoint towards their Office SMTP server - they had set authenticated for that "MAIL FROM:"

I had performed in my Lab environment with free SMTP mail server and made unauthenticated - It works great.

I would like to know without Unauthenticated settings in Office365 will it work?

Or anyone achieved getting DynaicID between CheckPoint and Office365 SMTP server.

Regards, Prabulingam.N

9 Replies
Kim_Moberg
Silver

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Hi 

Did you check this link?

https://community.checkpoint.com/thread/9091-dynamic-id-and-2way-sms-provider

Best regards

Kim

Best Regards
Kim
0 Kudos

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Dear Kim,

Yes, checked as well.

Also in my setup, the customer would like to get 2FA only thru EMail and not SMS.

This works well in my Lab if I have Unauthenticated SMTP mail server.

But customer using smtp.office365.com where if CheckPoint sends FROM: - they expect this address to have authentication.

Regards, Prabulingam

0 Kudos
Kim_Moberg
Silver

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Isn’t because smtp.office365.com required to use port 587, and starttls or tls with the same user auth and from: address have to be the same?

Br

Kim


Best Regards
Kim
0 Kudos

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Yes Kim.

Also Office365.smtp when receive email FROM: which has authenticated, CheckPoint dont have such Authenticated set for FROM MAIL:

So it doesn't accept Unauthenticated FROM MAIL:

Rg, Prabu

0 Kudos
Kim_Moberg
Silver

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Ah now I understand.

I thought you had it running in your lab but with a different smtp provider than office365.

Br

Kim

Best Regards
Kim
0 Kudos

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Dear Kim,

In my Lab i setup normal SMTP mail server without authentication and it works great, got Dynamic ID.

But customer has SMTP.office365.com which is Authenticated in Port:587 STARTTLS.

So they expect any FROM MAIL: address to be Authenticated only.

Rg, Prabu

0 Kudos
Kim_Moberg
Silver

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Dear Prabu

Did you was a workaround set up a stunnel on a device ourside Check Point?

You you can connect un-authenticad to eg stunnel and the pipe/connect to smtp.office365.com which will autheticate?

Of course not the best Secure solution.

BR

Kim

Best Regards
Kim
0 Kudos
Admin
Admin

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

As near as I can tell, there’s not an option to support authenticated SMTP with the DynamicID configuration.

Will have to look into it further.

0 Kudos

Re: 2-Factor Authentication in CheckPoint with smtp.Office365.com

Yes Dameon,

Hope as per this sk113164 & sk144712 - the above supported from R80.20.

Regards, Prabu

0 Kudos