cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1288
Views
0
Helpful
2
Replies

Problem between chekpoint and Duo Proxy

bilbao
Level 1
Level 1

When the users of checkpiont remote access VPN try to validate via DUO, you get “RADIUS server not response” in the checkpoint logs.
I have check that the Duo Proxy is up and the connectivity test is ok.
I have made capture with tcpdump in the checkpoint and i see that the firewall is sending the radius request (with the IP i have previouly configured in authproxy.cfg ) but it gets no response.
any idea what might be going on?

thank you!

2 Replies 2

DuoKristina
Cisco Employee
Cisco Employee

If you’re having a problem with the Duo Authentication Proxy the first step should be checking the Duo proxy log for clues.

This article describes enabling debug output, and this article is an in-depth guide to interpreting the proxy debug output.

Does the log show the RADIUS requests being sent from the Check Point VPN? Are there any errors?

Duo, not DUO.

bilbao
Level 1
Level 1

I have made a capture in the duo proxy and I see that the Radius requests arrive to the proxy but the return of the packets gets the following error:
Destination Unreachable (Port unreachable).
It seems that there is some checkpoint port that is not up. In the checkpoint logs there is no Drop.I don’t know if it is necessary to raise some port in the checkpoint or some additional configuration that is not in the manual.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links