DUO MFA on Checkpoint Remote Access/Mobile Access VPN

Hi,

This post will help those who want to integrate DUO MFA on Checkpoint Remote Access/Mobile Access VPN.

Step 1 - Follow this documentation shared by DUO for Checkpoint Mobile Access Two-Factor Authentication for Check Point Mobile Access | Duo Security

Apart from the above steps, it required additional configuration on Checkpoint for DUO MFA to work

Step 2 - Follow the steps below

  • Go to Manage and Settings followed by Blades and then Click “Configure in SmartDashboard”. The legacy SmartDashboard client will open.

  • Click on the “User” icon in the Object Explorer in the bottom left. Then right-click “External User Profiles” and select “New External User Profile > Match all users”.

  • Select Authentication on the left pane. Change the Authentication Scheme to RADIUS and select the RADIUS server object we created for DUOMFA.

  • Click “OK” and save your changes. Then close the SmartDashboard window.