- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
This is guide will describe the full setup configuration of a Azure MFA using the Microsoft Authenticator App in combination with an Active Directory on-premises synced with Azure Active Directory.
The scope is based on VPN remote access on premises that will be moved to Azure Cloud IaaS. The authentication is Active directory credentials in combination with Azure MFA.
For the full list of White Papers, go here.
After reading the paper, I think this works with local AD too, without Cloudguard or Azure AD? As it happens, I have a need to combine RADIUS MFA with Identity awareness. Currently we are using RADIUS MFA but the identities won't match AD users even though the used email addresses are the same as in AD accounts.
Hi Sami,
Did you ever managed to apply this solution with on-premis AD and without Cloudguard?
We actually have the older MS MFA component which can no longer be downloaded. The new one uses explicitly the Azure AD sync.
It works with the old one, which syncs user information locally to our on-prem MFA/NPS/Radius server - which in turn talks to Azure to send the authentication verification request to user.
and do you use Cloudgard or regular on-premise VPN?
Just regular on-premise vpn from Check Point gw's. I would assume it works with on-prem vpn with newer Azure MFA + AD sync to Azure, without Cloudguard still.
It should wokr on both as long the initial Radius request is send to the NPS server
sorry for the delay response, no i didn't apply this on premises.
I recommend adding instructions on how to update radius timeouts and retries when using MFA push notifications. 2 retries is too short.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY