This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Heath_Mote
Collaborator
‎2024-08-12 01:06 PM

Issues with CP RADIUS using Duo Auth after installing MS KB5040430 or KB5040434

This is an issue we are trying to cover all products in the chain and I wanted to reach out to the community to see if there was anyone else experiencing the issue as we have.

The issue seen is that we run Windows updates, as we normally do, but when we run these updates in the subject on a Windows server running the Duo Authentication Proxy we then start seeing issues with Check Point RADIUS authentications. In the CP logs we get the message of RADIUS server not found.

So we have auth failures with CP Mobile Access VPNs setup to use Duo as well as CP Management access setup to auth through RADIUS/Duo.

I wasn't going to reach out here, but we have an external VPN running Cisco Secure Client and AnyConnect that does not have an issue at all with these updates and function as it should. The only issues currently seems to be with CP.

Is anyone else with this combo of CP/Duo/Windows having these same issues? Thanks!

0 Kudos
9 Replies
Lesley
Mentor Mentor
Mentor
‎2024-08-12 01:22 PM

I would put my money on this SK:https://support.checkpoint.com/results/sk/sk42184

Would also recommend to cpstop;cpstart the relevant system after all steps taken. 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
Heath_Mote
Collaborator
‎2024-08-12 01:37 PM
In response to Lesley

That does look promising. We'll set it up in the lab tomorrow. Thanks!

0 Kudos
the_rock
Legend
Legend
‎2024-08-12 01:38 PM
In response to Lesley

I had  3 customers try that sk before and sadly did not help.

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-08-12 01:36 PM

100% it has to do with windows update and pretty much for now, thats the best option to fix it, uninstall the updates.

Andy

0 Kudos
Heath_Mote
Collaborator
‎2024-08-12 01:38 PM
In response to the_rock

That's what we've been doing but I'm not holding out on MS fixing it anytime soon. We haven't found anything on this from any front yet. Thanks for the reply!

0 Kudos
the_rock
Legend
Legend
‎2024-08-12 01:40 PM
In response to Heath_Mote

Personally, considering they cant fix January windows 10 update thats broken, no offense, it highly unlikely they will fix this any time soon lol

Andy

0 Kudos
Heath_Mote
Collaborator
‎2024-08-12 01:59 PM
In response to the_rock

Agreed. Just kinda sad that the only issue we are seeing is tied to CP.

0 Kudos
the_rock
Legend
Legend
‎2024-08-12 02:01 PM
In response to Heath_Mote

I hear ya...lets hope it all goes back to normal soon.

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2024-08-12 03:27 PM

I suspect this is related to the fixes needed to mitigate BLAST RADIUS: https://support.checkpoint.com/results/sk/sk182516
A possible workaround for this would be to implement: https://support.checkpoint.com/results/sk/sk42184 
Fixes for this have not yet been rolled into the JHF.
Best to consult with TAC here.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece
    In-Person

    Tue 25 Mar 2025 @ 09:00 AM (EDT)

    Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!
    In-Person

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap
    In-Person

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events
    Top