SSL VPN RADIUS authentication
Posted on 2011-03-21
Im having trouble authenticating against my RADIUS server (Win 2008, NPS) using Check Point SSL VPN.
Using Wireshark i can see the "RADIUS Access-Request(1)" packet coming in, but my RADIUS server responds with "RADIUS Access-Reject(3). The VPN log tells me that the username or password was invalid. However, I'm 100% sure the login details are correct (AD user). The SSL VPN is working with no problem when using a local firewall user account.
The authentication method is PAP. Both firewall and server is configured to only use PAP.
My Network Policy is using condition: NAS Port Type: Virtual (VPN), constraints are PAP, SPAP only and the attributes im using are:
Framed Protocol: PPP
Service Type: Framed
I'm thinking maybe it is my attributes that are wrong since the Checkpoint setup is pretty straightforward. I would appreciate any help on this, especially from anyone who has SSL VPN setup using CheckPoint R70 or newer (i have R75).