This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Bac26
Contributor
‎2023-03-23 07:55 AM

Remote Access Vpn SMB two factor autenthication

Hello

Is it possible to use Microsoft Authenticator as second factor for Remote VPN access to SMB series centrally managed via Smart-1 Cloud

Any guide can refer too?

Thank you

0 Kudos
8 Replies
Chris_Atkinson
Employee Employee
Employee
‎2023-03-23 08:32 AM

Believe this is currently a limitation, refer: sk178604

Will check if it's planned to be resolved in the next release and revert.

CCSM R77/R80/ELITE
0 Kudos
Bac26
Contributor
‎2023-03-23 08:41 AM
In response to Chris_Atkinson

so kind MFA can you use? any suggestion?

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-03-23 08:44 AM
In response to Bac26

Anything Radius based would likely work here. Possibly a integration via Microsoft NPS as an intermediary?

Recommended R81.10.x in this case so you have access to Radius 2.0

CCSM R77/R80/ELITE
0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-03-23 04:53 PM
In response to Bac26

Radius is a workaround and not listed there as a limitation?

CCSM R77/R80/ELITE
0 Kudos
PhoneBoy
Admin
Admin
‎2023-03-23 06:19 PM

My understanding from talking with R&D is that the latest firmware (R81.10.05) has support for Remote Access SAML integrated.
However, because it has not been tested by QA to confirm it, it is still listed as a known limitation.
Assuming your Smart-1 Cloud tenant is on R81.20, then you should be able to apply the following: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Having said that, this isn’t formally supported (yet).
If you want formal support, I recommend engaging with your Check Point SE.

Otherwise, you’re limited to using RADIUS + NPS as @Chris_Atkinson suggested.

0 Kudos
Bac26
Contributor
‎2023-03-24 12:27 AM
In response to PhoneBoy

So beside it not using radius can you use any other multifactor authentication?

0 Kudos
PhoneBoy
Admin
Admin
‎2023-03-24 12:37 PM
In response to Bac26

If the gateway was locally managed (not with Smart-1 Cloud) AND you were running the latest release, you could do MFA over Email or SMS.
Otherwise, you’re limited to using RADIUS or maybe TACACS.
Or try the SAML approach and share your feedback 🙂

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece
    In-Person

    Tue 25 Mar 2025 @ 09:00 AM (EDT)

    Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!
    In-Person

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap
    In-Person

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events
    li.common.scroll-to.top