This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jonathan
Collaborator
‎2024-04-14 11:58 PM

SSLVPN with Google Auth and ADselfservice as MFA

Hi,

We use two methods for remote access VPN connections (R81.10):


1. Checkpoint Mobile Client for VPN connections using certificates.
2. Checkpoint SSLVPN, with login method of AD user + DynamicID.

For the SSLVPN, we want to ADD ANOTHER login method of AD user + Google Auth, and we want to utilise ADSelfservice solution for this, which uses Windows NPS as a RADIUS server:
https://www.manageengine.com/products/self-service-password/multi-factor-authentication-for-secured-...

I've read several Checkpoint guides of how to set up RADIUS server, which involves, among other things, changing attributes in GUIdbedit and assigning the RADIUS server to the gateway.
I'm affraid these changes will affect the currently active login methods (Checkpoint Mobile and SSLVPN).

Can anyone shed some light about this process?
Also, does anyone has any experience with the ADSelfservice solution?

Thanks

Labels
0 Kudos
4 Replies
G_W_Albrecht
Legend Legend
Legend
‎2024-04-15 03:30 AM

Why not contact CP TAC to get help here?

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Jonathan
Collaborator
‎2024-04-15 05:04 AM
In response to G_W_Albrecht

I usually get a lot of help and good advises from this community, so I thought of trying here first 😁

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2024-04-16 02:00 AM
In response to Jonathan

I would rather do both 😎

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin
‎2024-04-15 08:48 AM

Am not familiar with ADselfservice.
Do they provide a specific integration guide for Check Point that we can review?

I assume as long as both solutions don't require conflicting RADIUS attributes to be defined, it should work.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events