This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Madmaks
Contributor
4 hours ago

VPN 2FA SMS Authentication via GSM Provider API - Parameter Matching Issue

Hello,

We are currently using Check Point R81.20 for VPN access, and we are performing primary authentication with username and password. However, we would like to implement secondary authentication via SMS using  SMS Provider API. (Provider Name  NetGSM)

Our issue involves the mismatch of parameter names between Check Point’s intended API request and the parameters expected by Netgsm. The two systems require different parameter names, and we need to ensure they match correctly.

Details:

  1. Check Point API URL Format:

    Check Point intends to use the following URL format for SMS authentication 

    https://api.example.com/http/sendmsg?api_id=$APIID&user=$USERNAME&password=$PASSWORD&to=$PHONE&text=$MESSAGE

    The parameters used in this URL are:

    • api_id=$APIID: API ID.
    • user=$USERNAME: API username.
    • password=$PASSWORD: API password.
    • to=$PHONE: Phone number to send the SMS to.
    • text=$MESSAGE: The message body to send (e.g., the OTP code)
    •  
  2. Netgsm (sms Provider) API URL Format: 

    Netgsm’s API expects the following URL format:

    https://api.netgsm.com.tr/sms/send/otp?usercode=$USERCODE&password=$PASSWORD&msgheader=$MSGHEADER&msg=$MESSAGE&no=$PHONE

    The parameters in Netgsm's API are:

    • usercode=$USERCODE: Netgsm API username.
    • password=$PASSWORD: Netgsm API password.
    • msgheader=$MSGHEADER: Message header (optional).
    • msg=$MESSAGE: The message body to send (e.g., the OTP code).
    • no=$PHONE: Phone number to send the SMS to.

Issue:

The parameter to=$PHONE used by Check Point in its API request is mismatched with no=$PHONE in Netgsm's API. Additionally, other parameters such as username, password, and message content are also named differently. This mismatch prevents the systems from correctly processing the SMS request.

The SMS provider, Netgsm, has stated that they cannot modify their format, and we are required to comply with their format.

 

0 Kudos
2 Replies
G_W_Albrecht
Legend Legend
Legend
3 hours ago

Afaik the values for e.g. Phone number are sent, not the parameter names !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Madmaks
Contributor
3 hours ago
In response to G_W_Albrecht

Hello,

Thank you for your response.

Yes, the phone number is being sent, but the issue is that Check Point expects the phone number to be sent as to=$PHONE, while the SMS provider (Netgsm) expects it to be in the format of no=$PHONE.

We need to map the phone number correctly from to=$PHONE in Check Point to no=$PHONE in the Netgsm API.

Thank you.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events