This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
SriniKrish
Contributor
‎2022-05-17 09:50 PM

SMB 2 FA auth Dynamic url config

Jump to solution

Hi Guys,

I am configuring a SMB 1530 device for 2FA auth using a dynamic URL and I have already acquired the Dynamic URL from a provider.

but unfortunately the GAteway says the format is incorrect with the below error.

""Incorrect Dynamic ID URL Format""

can someone Please clarify  what I am doing wrong?

Yes, the API ID is after password, but then even if I re-align it for the sake of it, it still gives the same error. Pls note I have masked the ID and my phone for privacy.

Appreciate any directions here.

Thanks

Srini

 

 

 

Preview file
31 KB
0 Kudos
2 Solutions

Accepted Solutions
_Val_
Admin
Admin
‎2022-05-18 12:29 AM
In response to SriniKrish

Jump to solution

If configured like that, authentication message will say "Message" and not what you have in the "Message" field, but it is up to you.

Local users do not have 2FA scheme, you need RADIUS. Follow the admin manual, it is explained there.

View solution in original post

(1)
MikeyT
Employee
Employee
‎2022-05-22 10:53 PM

Jump to solution

Hi Srini,

I have successfully configured 2FA with Local users as well as AD users. I used the following configuration using Clickatell 3rd Party SMS Provider (see attached).

Feel free to message me if you have any problem regarding the configuration.

Regards,

Michael Tan

View solution in original post

Preview file
52 KB
7 Replies
_Val_
Admin
Admin
‎2022-05-17 11:53 PM

Jump to solution

It should be $MESSAGE, not Message as in your sample, for starters.

$MESSAGE is a variable

Screenshot 2022-05-18 at 08.52.09.png


0 Kudos
SriniKrish
Contributor
‎2022-05-18 12:15 AM
In response to _Val_

Jump to solution

Hi Val,

 

Thanks for the update,

surprisingly I did re-align the contents and it accepted the string. ( as attached)

another question,

Do I need a RADIUS/AD to use 2FA or can do with a local user ? When I tried SSLVPN it always failed to authenticate when 2FA was enabled. The moment I turn off, the auth goes through.

Curious if RADIUS is a requirement for 2FA or local user is sufficient.

 

Thanks

Srini

Preview file
15 KB
0 Kudos
_Val_
Admin
Admin
‎2022-05-18 12:29 AM
In response to SriniKrish

Jump to solution

If configured like that, authentication message will say "Message" and not what you have in the "Message" field, but it is up to you.

Local users do not have 2FA scheme, you need RADIUS. Follow the admin manual, it is explained there.

(1)
SriniKrish
Contributor
‎2022-05-18 12:33 AM
In response to _Val_

Jump to solution

Hi Val,

 

I understand the $message variable. And I have indeed edited it accordingly already when my auth was failing.

I did think so there wud be a need for RADIUS. I did go through the below link it doesn't state anywhere on the requirement. Instead still shows steps to configure via local user . so was conflicting.

https://sc1.checkpoint.com/documents/SMB_R80.20.35/Help/Locally_Managed/EN/Topics/Configuring-Remote...

Any particular reason why we need RADIUS for 2FA and won't work with Local user ?

Thanks anyways.

 

Best regards

Srini

MikeyT
Employee
Employee
‎2022-05-22 10:53 PM

Jump to solution

Hi Srini,

I have successfully configured 2FA with Local users as well as AD users. I used the following configuration using Clickatell 3rd Party SMS Provider (see attached).

Feel free to message me if you have any problem regarding the configuration.

Regards,

Michael Tan

Preview file
52 KB
SriniKrish
Contributor
‎2022-05-23 07:21 PM
In response to MikeyT

Jump to solution

Hi Mike,

 

Thanks for your input,

Yes, I can confirm that it does work with Local users as well. Looks like my API key was wrong as I was using a developer API.

Works like a breeze now.

@_Val_  Should we be updating the documentation so it helps others too ?

 

Cheers

Srini

0 Kudos
_Val_
Admin
Admin
‎2022-05-23 11:56 PM
In response to SriniKrish

Jump to solution

Not sure I understand. What do you want to change in the documentation?

0 Kudos