Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1671
  • Last Modified:

SSL VPN RADIUS authentication

Hi,
Im having trouble authenticating against my RADIUS server (Win 2008, NPS) using Check Point SSL VPN.

Using Wireshark i can see the "RADIUS Access-Request(1)" packet coming in, but my RADIUS server responds with "RADIUS Access-Reject(3).  The VPN log tells me that the username or password was invalid.  However, I'm 100% sure the login details are correct (AD user). The SSL VPN is working with no problem when using a local firewall user account.

The authentication method is PAP.  Both firewall and server is configured to only use PAP.
My Network Policy is using condition: NAS Port Type: Virtual (VPN), constraints are PAP, SPAP only and the attributes im using are:
Framed Protocol: PPP
Service Type: Framed

I'm thinking maybe it is my attributes that are wrong since the Checkpoint setup is pretty straightforward.  I would appreciate any help on this, especially from anyone who has SSL VPN setup using CheckPoint R70 or newer (i have R75).





0
olemrefv
Asked:
olemrefv
  • 3
1 Solution
 
Craig BeckCommented:
Check the shared secret beween the Checkpoint and the RADIUS server.
0
 
olemrefvAuthor Commented:
Yes i've done that.  It should be correct.
0
 
olemrefvAuthor Commented:
Problem solved. Removed the Virtual (VPN) conditions in the policy.  
0
 
olemrefvAuthor Commented:
Solved.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now