This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Alex-
Leader Leader
Leader
‎2020-08-23 12:40 PM
Jump to solution

VSX R80.40 - Remote access and RADIUS

I've been configuring remote access on VSX R80.40 with the latest GA Take. Both TLS portal and Mobile clients work with username/password, and I've been following the various documentations to configure RADIUS authentication.

However as soon as I try with RADIUS authentication set, it immediately fails with "1st factor RADIUS - Server not responding". 

In $FWDIR/log/vpnd.elg, there is the message that no RADIUS servers are responding. The thing is that I don't see any logs or fw monitor which show any RADIUS packets being sent by the VS, a tcpdump on the RADIUS server doesn't either. In terms of connectivity, it's all good, ping from the VS to the RADIUS goes through another VS and there it works.

If I switch back to username/password (provided by Identity Collector), it works immediately.

I'm probably missing something here, any hint would be appreciated.

0 Kudos
1 Solution

Accepted Solutions
JanVC
Collaborator
‎2020-08-24 12:18 AM
Jump to solution

in the settings on the VS firewall object you can choose who goes to the RADIUS server, VS0 (default) or the VS in question where you configured the RADIUS setup

 

EDIT: added crappy screenshot

VS settings => Other => Legacy Authentication => Shared to Private

View solution in original post

image.png
Preview file
192 KB
4 Replies
PhoneBoy
Admin
Admin
‎2020-08-23 08:10 PM
Jump to solution

@Royi_Priov any suggestions here?

0 Kudos
Royi_Priov
Employee
Employee
‎2020-08-23 11:03 PM
Jump to solution

I suggest investigating with TAC.

Thanks,
Royi Priov
R&D Group manager, Infinity Identity
0 Kudos
JanVC
Collaborator
‎2020-08-24 12:18 AM
Jump to solution

in the settings on the VS firewall object you can choose who goes to the RADIUS server, VS0 (default) or the VS in question where you configured the RADIUS setup

 

EDIT: added crappy screenshot

VS settings => Other => Legacy Authentication => Shared to Private

image.png
Preview file
192 KB
Alex-
Leader Leader
Leader
‎2020-08-24 01:44 AM
In response to JanVC
Jump to solution

Thanks, looks like it was it, now to troubleshoot the RADIUS side.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top