DUO MFA on Checkpoint Remote Access/Mobile Access VPN

nischit123aryal · ‎04-26-2020

Hi,

This post will help those who want to integrate DUO MFA on Checkpoint Remote Access/Mobile Access VPN.

Step 1 - Follow this documentation shared by DUO for Checkpoint Mobile Access Two-Factor Authentication for Check Point Mobile Access | Duo Security

Apart from the above steps, it required additional configuration on Checkpoint for DUO MFA to work

Step 2 - Follow the steps below

Go to Manage and Settings followed by Blades and then Click “Configure in SmartDashboard”. The legacy SmartDashboard client will open.
Click on the “User” icon in the Object Explorer in the bottom left. Then right-click “External User Profiles” and select “New External User Profile > Match all users”.
Select Authentication on the left pane. Change the Authentication Scheme to RADIUS and select the RADIUS server object we created for DUOMFA.
Click “OK” and save your changes. Then close the SmartDashboard window.

jamesmay62361 · ‎12-11-2021

I have successfully completed the integration of duo into my checkpoint infrastructure. However, I am trying to locate a better user interface with checkpoint vpn client. For example the GUI interface presented when using duo to authenticate a webpage. You get authentication options push, sms, phone call. While in checkpoint vpn client, you have type the user password followed by a comma then notification type. This is far from an optimal process, and was looking for another interface if possible here?