Select Mobile Access in the Access Control policy. Select the Access Control Layer menu box, then select Edit Layer and Enable Mobile Access in the policy: Right-click the Access Control Policy and select Edit Policy.Double-click to open the RemoteAccess community, then click + (plus) to add the gateway.Ĭlick Participant User Groups and accept the default All Users.Ĭonfigure browser access to the Check Point Mobile Access SSL VPN portal This displays Access Tools VPN Communities. Navigate to SECURITY POLICIESthen select Access Control. Navigate to VPN Clients > Authentication > Settings, then in the Single Authentication Clients Settings dialog, select RADIUS as the Authentication method and for Server, select the RADIUS server we created earlier. Select the VPN Clients > Office Mode branch and enable Allow Office Mode for all users using the default CP_default_Office_Mode_addresses_pool object:.If needed, also modify the gateway address to use the external gateway address. While editing the gateway object, select Link Selection in the IPSec VPN branch. In the SmartConsole, edit the gateway object and select IPSec VPN: In this step, we'll describe the following two use cases: Click OK, then click Close.Ĭonfigure a policy to use RADIUS authentication Note: for older version the format might be different. From the upper left corner menu, navigate to New object > more object types > user > new user group.Įnter the name of the group in the following format: RAD_.Note: It is not necessary to define RADIUS user groups if there is no requirement to use that group as a Participant User Group. From the upper left corner menu, navigate to Global Properties > Advances > SecuRemote/SecuClient, check add_radius_groups, then click OK:.Modify as needed when using multiple RADIUS servers. Shared Secret: Enter the RADIUS Secret defined in the Okta RADIUS App earlier.Service: Change to NEW-RADIUS to match UDP `port 1812 set in the RADIUS App earlier.Host: Select the Host you defined above.Name: A unique name for the RADIUS server.From the upper left corner menu, navigate to New object > More object types > Server > More New RADIUS, then enter the following:.IPv4 address: A unique IP address for the host where the RADIUS server is installed.Name: A unique name for the host where the RADIUS server is installed.
From the upper left corner menu, navigate to New object > New Host:.Launch the Check Point SmartConsole (Windows OS only).Ensure that you have the common UDP port and secret key values available.Configure browser access to the Check Point Mobile Access SSL VPN portal.Configure a policy to use RADIUS authentication.
0 kommentar(er)
