This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Norbert_Bohusch
Advisor
‎2019-09-27 04:37 AM

Radius Challenge-Response issue with push token

I am trying to get VPN Radius authentication working with Gemalto SAS/STA cloud solution where I have a push token in use. This means I have two ways of authenticating:

- I open the token on my mobile and enter the display code when asked by VPN client for challenge

- instead of entering the code into the VPN, I can enter "p" so a push to my mobile is sent and can be accepted there.

 

Both versions work fine if I use multiple login options and first option is username/password and second is Radius.

Unbenannt.JPG

 

But if I only use Radius only first option is working (entering code manually). Other option is failing with "negotiation with site failed".

Unbenannt2.JPG

 
 

I did a capture on the gateway with tcpdump to look for Radius traffic and found out that if I only enter a "p", there is no traffic to the radius servers generated. 

 

Has someone an idea who to cope with that?

 

I have tested this with R80.30 SmartCenter and following gateway versions:

- R80.30 JHF T50

- R80.10 JHF 169 + machine certificate authentication hotfix

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2019-09-27 08:32 AM

Sounds like a bug and you should probably open a TAC case.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events