Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SSL VPN RADIUS authentication

Posted on 2011-03-21
4
Medium Priority
?
1,654 Views
Last Modified: 2012-06-22
Hi,
Im having trouble authenticating against my RADIUS server (Win 2008, NPS) using Check Point SSL VPN.

Using Wireshark i can see the "RADIUS Access-Request(1)" packet coming in, but my RADIUS server responds with "RADIUS Access-Reject(3).  The VPN log tells me that the username or password was invalid.  However, I'm 100% sure the login details are correct (AD user). The SSL VPN is working with no problem when using a local firewall user account.

The authentication method is PAP.  Both firewall and server is configured to only use PAP.
My Network Policy is using condition: NAS Port Type: Virtual (VPN), constraints are PAP, SPAP only and the attributes im using are:
Framed Protocol: PPP
Service Type: Framed

I'm thinking maybe it is my attributes that are wrong since the Checkpoint setup is pretty straightforward.  I would appreciate any help on this, especially from anyone who has SSL VPN setup using CheckPoint R70 or newer (i have R75).





0
Comment
Question by:olemrefv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 47

Expert Comment

by:Craig Beck
ID: 35180669
Check the shared secret beween the Checkpoint and the RADIUS server.
0
 

Author Comment

by:olemrefv
ID: 35180749
Yes i've done that.  It should be correct.
0
 

Accepted Solution

by:
olemrefv earned 0 total points
ID: 35276177
Problem solved. Removed the Virtual (VPN) conditions in the policy.  
0
 

Author Closing Comment

by:olemrefv
ID: 35321636
Solved.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question