Hello everyone,
For anyone using Duo as their two-factor authentication service, I'd like to share this information:
Duo worked flawlessly up to version 4.0.2. Once we upgraded to the Duo Auth Proxy 5.0.1 (latest version), the connection to the VPN stopped working after confirming the Duo Push notification (the Check Point gateway drops the traffic).
It turns out that in version 5.0.0 the Duo Authentication Proxy began sending a RADIUS Message-Authenticator attribute (attribute ID 80) in all responses, which the Check Point gateways don't recognize, so they drop the traffic.
The solution from Check Point (SR was created, resolved, now closed) is to set the radius_ignore value to 80. Smart Console Menu -> Global Properties -> Advanced -> Configure -> FireWall-1 -> Authentication -> RADIUS.
Afterwards the authentication works again. After I contacted Duo support, they created a KB for that problem as well:
https://help.duo.com/s/article/6328?language=en_US
Apparently this will be resolved in the upcoming Duo authentication release v5.0.2.
Greetings,
Chris
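
To check whether a captured RADIUS reply carries the attribute 80 described in the post, and whether its value is valid for the shared secret, this added example (not part of the original post, and not Duo or Check Point code) parses the attributes and verifies the Message-Authenticator as RFC 2869 defines it. The shared secret, the Request Authenticator and the sample Access-Accept built by `build_access_accept` are constructed values.

```python
import hashlib
import hmac
import struct

MESSAGE_AUTHENTICATOR = 80  # RADIUS attribute type discussed in the post (RFC 2869)


def parse_attributes(packet: bytes):
    """Return [(type, value_offset, value)] for each attribute in a RADIUS packet."""
    length = struct.unpack("!H", packet[2:4])[0] if len(packet) >= 20 else 0
    if length < 20 or length > len(packet):
        raise ValueError("bad RADIUS length field")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        a_type, a_len = packet[pos], packet[pos + 1]
        attrs.append((a_type, pos + 2, packet[pos + 2:pos + a_len]))
        pos += a_len
    return attrs


def check_message_authenticator(response: bytes, request_auth: bytes, secret: bytes):
    """Return None if attribute 80 is absent, else True/False for its HMAC-MD5."""
    for a_type, off, value in parse_attributes(response):
        if a_type == MESSAGE_AUTHENTICATOR:
            if len(value) != 16:
                return False
            # RFC 2869: HMAC-MD5 over the reply with the Request Authenticator in
            # the authenticator field and the attribute value set to 16 zero bytes.
            buf = bytearray(response[:struct.unpack("!H", response[2:4])[0]])
            buf[4:20] = request_auth
            buf[off:off + 16] = bytes(16)
            expected = hmac.new(secret, bytes(buf), hashlib.md5).digest()
            return hmac.compare_digest(expected, value)
    return None


def build_access_accept(ident, request_auth, secret, with_attr_80):
    """Constructed sample reply (Code 2): Reply-Message, optionally attribute 80."""
    attrs = bytes([18, 4]) + b"ok"  # Reply-Message (type 18), constructed value
    if with_attr_80:
        attrs += bytes([MESSAGE_AUTHENTICATOR, 18]) + bytes(16)
    head = struct.pack("!BBH", 2, ident, 20 + len(attrs))
    if with_attr_80:
        mac = hmac.new(secret, head + request_auth + attrs, hashlib.md5).digest()
        attrs = attrs[:-16] + mac
    resp_auth = hashlib.md5(head + request_auth + attrs + secret).digest()
    return head + resp_auth + attrs
```

A result of `None` corresponds to the reply format the post describes for version 4.0.2 and earlier; `True` corresponds to a reply that includes a valid attribute 80.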