Who rated this post

cancel
Showing results for 
Search instead for 
Did you mean: 
Rodrigo_Silva
Contributor

Checkpoint VPN with Microsoft 2-Factor Authentication

Hello everyone

I would like to share with you how I managed to get VPN users to use Microsoft Azure Multi-Factor Authentication.

I saw in some posts that this was possible by using MFA Server, but Microsoft stopped offering MFA Server on July 1, 2019.


What I needed to do:

1 - Office 365 users with MFA enabled.

2 - Dedicated NPS Server.
All Radius requests made to this server will have MFA directed to Microsoft.

3 - NPS extension for Azure MFA
This extension will direct your MFA requests to Microsoft.
You can find the installation and download instructions at the link below.

https://docs.microsoft.com/pt-br/azure/active-directory/authentication/howto-mfa-nps-extension#sync-...

The user can define which method will be used in the Microsoft portal.

I tested the methods below on VPN Clients, Mobile Access and Capsule Workspace and they all worked perfectly.

- Notification through mobile app
- Verification code from mobile app
- Text message to phone

I hope this post helps you

Good luck

(2)
Who rated this post