Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Leonid_German
Participant

RADIUS Authentication over Site-to-Site VPN 1450 self managed

I have 1450 self-managed device.
I have set up a Radius Server to authenticate remote-access VPN clients. The Radius server is located at a remote site connected via Site-to-Site VPN on the same gateway the clients connect to.

Authentication fails because the request to the Radius server does not go through the VPN tunnel. Logs show traffic is accepted by an implied rule and consequently not encrypted.

0 Kudos
4 Replies
G_W_Albrecht
Legend Legend
Legend

Is the RADIUS IP included in VPN encryption domain ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Leonid_German
Participant

Yes , it is.
Ping from the internal interface is working  (ping -I).

0 Kudos
tomando11
Explorer

I've just gone through the same thing and managed to resolve it.
Device>Advanced Settings

Tick the box in the image for 'Use internal IP address for encrypted connections from local gateway'.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Just for reference: https://support.checkpoint.com/results/sk/sk119415 contains this solution and the one for Centrally Managed SMBs !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events