Improve company productivity with a Business Account.Sign Up

x
?
Solved

Checkpoint Sofa Firewall version 6.5.43 uable to authenticate users via VPN

Posted on 2008-10-09
3
Medium Priority
?
1,299 Views
Last Modified: 2013-11-16
I have a Checkpoint firewall that is of course used for security, but also VPN access.  In the past users would VPN to the public IP of this firewall, using their domain credentials to authenticate.  For whatever reason users are now unable to VPN with their domain credentials.  If I attempt to VPN it fails - within the Checkpoint Event Log I can see this failed attempt (ip address is censored):
"Connection from ip 7x.9x.1xx.7x with user sknoll failed. Reason of failure :User authentication by VPN-1 failed."

We have disabled VPN, rebooted.  Re-enabled VPN, rebooted and still no success.

Yes, if we create local users within the Firewall I can log in this way, however we would like to  authenticate our domain credentials.
0
Comment
Question by:sknoll84
  • 2
3 Comments
 
LVL 4

Expert Comment

by:yurisk
ID: 22685043
I've seen this problem with one of our clients after all his boxes upgraded automatically
to the newest firmware 7.5.55 - local authentication worked fine, Radius against AD didn't work with VPNs. We started process with CHeckpoint/Sofaware TAC but client had
no time to wait for them to come up with something and just downgraded his boxes back to 7.0.48, that solved the problem immediately.
0
 

Author Comment

by:sknoll84
ID: 22688385
I learned about the RADIUS server functionality this morning - pretty interesting.
We are going to reboot our Primary RADIUS server this afternoon, hopefully this will help.
0
 

Accepted Solution

by:
sknoll84 earned 0 total points
ID: 22691027
we rebooted the radius server and now the vpn work just fine.
of course we tried restarting services first but we didnt have any success with that.
0

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Did you know PowerShell can save you time with SaaS platforms? Simply leverage RESTfulAPIs to build your own PowerShell modules. These will kill repetitive tickets and tabs, using the command Invoke-RestMethod. Tune into this webinar to learn how…

584 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question