Solved

Checkpoint Sofa Firewall version 6.5.43 uable to authenticate users via VPN

Posted on 2008-10-09
3
1,113 Views
Last Modified: 2013-11-16
I have a Checkpoint firewall that is of course used for security, but also VPN access.  In the past users would VPN to the public IP of this firewall, using their domain credentials to authenticate.  For whatever reason users are now unable to VPN with their domain credentials.  If I attempt to VPN it fails - within the Checkpoint Event Log I can see this failed attempt (ip address is censored):
"Connection from ip 7x.9x.1xx.7x with user sknoll failed. Reason of failure :User authentication by VPN-1 failed."

We have disabled VPN, rebooted.  Re-enabled VPN, rebooted and still no success.

Yes, if we create local users within the Firewall I can log in this way, however we would like to  authenticate our domain credentials.
0
Comment
Question by:sknoll84
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Expert Comment

by:yurisk
ID: 22685043
I've seen this problem with one of our clients after all his boxes upgraded automatically
to the newest firmware 7.5.55 - local authentication worked fine, Radius against AD didn't work with VPNs. We started process with CHeckpoint/Sofaware TAC but client had
no time to wait for them to come up with something and just downgraded his boxes back to 7.0.48, that solved the problem immediately.
0
 

Author Comment

by:sknoll84
ID: 22688385
I learned about the RADIUS server functionality this morning - pretty interesting.
We are going to reboot our Primary RADIUS server this afternoon, hopefully this will help.
0
 

Accepted Solution

by:
sknoll84 earned 0 total points
ID: 22691027
we rebooted the radius server and now the vpn work just fine.
of course we tried restarting services first but we didnt have any success with that.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question