This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
Alex-
Advisor
‎2020-08-23 12:40 PM

VSX R80.40 - Remote access and RADIUS

Jump to solution

I've been configuring remote access on VSX R80.40 with the latest GA Take. Both TLS portal and Mobile clients work with username/password, and I've been following the various documentations to configure RADIUS authentication.

However as soon as I try with RADIUS authentication set, it immediately fails with "1st factor RADIUS - Server not responding". 

In $FWDIR/log/vpnd.elg, there is the message that no RADIUS servers are responding. The thing is that I don't see any logs or fw monitor which show any RADIUS packets being sent by the VS, a tcpdump on the RADIUS server doesn't either. In terms of connectivity, it's all good, ping from the VS to the RADIUS goes through another VS and there it works.

If I switch back to username/password (provided by Identity Collector), it works immediately.

I'm probably missing something here, any hint would be appreciated.

0 Kudos
1 Solution

Accepted Solutions
JanVC
Collaborator
‎2020-08-24 12:18 AM

Jump to solution

in the settings on the VS firewall object you can choose who goes to the RADIUS server, VS0 (default) or the VS in question where you configured the RADIUS setup

 

EDIT: added crappy screenshot

VS settings => Other => Legacy Authentication => Shared to Private

View solution in original post

Preview file
192 KB
4 Replies
PhoneBoy
Admin
Admin
‎2020-08-23 08:10 PM

Jump to solution

@Royi_Priov any suggestions here?

0 Kudos
Royi_Priov
Employee
Employee
‎2020-08-23 11:03 PM

Jump to solution

I suggest investigating with TAC.

Thanks,
Royi Priov
Group manager, Identity Awareness R&D
0 Kudos
JanVC
Collaborator
‎2020-08-24 12:18 AM

Jump to solution

in the settings on the VS firewall object you can choose who goes to the RADIUS server, VS0 (default) or the VS in question where you configured the RADIUS setup

 

EDIT: added crappy screenshot

VS settings => Other => Legacy Authentication => Shared to Private

Preview file
192 KB
Alex-
Advisor
‎2020-08-24 01:44 AM
In response to JanVC

Jump to solution

Thanks, looks like it was it, now to troubleshoot the RADIUS side.

0 Kudos