Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Georgi_Lyaskov
Participant
Jump to solution

SMB - disable default username and password authentication

Hello Checkmates,

I found very useful information here about the SMB appliances and how to start Remote-Access VPN with certificate authentication. I'm curious to know is there a why to disable the default username and password authentication?

0 Kudos
1 Solution

Accepted Solutions
Pedro_Espindola
Advisor

You are correct. On SMB appliances it is only possible with 3rd party products. You can use a Radius server which takes care of the 2FA for you.

View solution in original post

0 Kudos
5 Replies
Georgi_Lyaskov
Participant

Just to clarify - Now remote users can connect with SecuRemote VPN or Capsule VPN client with either Username and Password authentication or certificates. I want to force the clients to use only certificates and disable the username- password authentication for VPN at all.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

These are the methods to configure remote access users on locally managed SMBs:
• Local users
• RADIUS users
• AD users

Certificates are accepted (if known).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
G_W_Albrecht
Legend Legend
Legend

The answer is easy: CP password has a length between 4 and 8 characters and may contain no spaces . In times of 2FA this is rather a weak solution...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Georgi_Lyaskov
Participant

Yes, 2FA will be the best, but as I see it is not natively supported on SMB appliances and is possible only with 3rd party products, or I'm missing such solution from Checkpoint?

0 Kudos
Pedro_Espindola
Advisor

You are correct. On SMB appliances it is only possible with 3rd party products. You can use a Radius server which takes care of the 2FA for you.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events