Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1681
  • Last Modified:

SSL VPN RADIUS authentication

Hi,
Im having trouble authenticating against my RADIUS server (Win 2008, NPS) using Check Point SSL VPN.

Using Wireshark i can see the "RADIUS Access-Request(1)" packet coming in, but my RADIUS server responds with "RADIUS Access-Reject(3).  The VPN log tells me that the username or password was invalid.  However, I'm 100% sure the login details are correct (AD user). The SSL VPN is working with no problem when using a local firewall user account.

The authentication method is PAP.  Both firewall and server is configured to only use PAP.
My Network Policy is using condition: NAS Port Type: Virtual (VPN), constraints are PAP, SPAP only and the attributes im using are:
Framed Protocol: PPP
Service Type: Framed

I'm thinking maybe it is my attributes that are wrong since the Checkpoint setup is pretty straightforward.  I would appreciate any help on this, especially from anyone who has SSL VPN setup using CheckPoint R70 or newer (i have R75).





0
olemrefv
Asked:
olemrefv
  • 3
1 Solution
 
Craig BeckCommented:
Check the shared secret beween the Checkpoint and the RADIUS server.
0
 
olemrefvAuthor Commented:
Yes i've done that.  It should be correct.
0
 
olemrefvAuthor Commented:
Problem solved. Removed the Virtual (VPN) conditions in the policy.  
0
 
olemrefvAuthor Commented:
Solved.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now