ESET SECURE AUTHENTICATION. Check Point Software SSL VPN Integration Guide



Similar documents
ESET SECURE AUTHENTICATION. Cisco ASA SSL VPN Integration Guide

ESET SECURE AUTHENTICATION. SonicWall SSL VPN Integration Guide

ESET SECURE AUTHENTICATION. Cisco ASA Internet Protocol Security (IPSec) VPN Integration Guide

ESET SECURE AUTHENTICATION. API SSL Certificate Replacement

Compiled By: Chris Presland v th September. Revision History Phil Underwood v1.1

DIGIPASS Authentication for Check Point Security Gateways

Implementation Guide for. Juniper SSL VPN SSO with OWA. with. BlackShield ID

TechNote. Contents. Introduction. System Requirements. SRA Two-factor Authentication with Quest Defender. Secure Remote Access.

Product Guide Addendum. SafeWord Check Point User Management Console Version 2.1

DIGIPASS Authentication for Check Point Connectra

Using Microsoft Active Directory for Checkpoint NG AI SecureClient

External Authentication with Checkpoint R75.40 Authenticating Users Using SecurAccess Server by SecurEnvoy

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

Check Point FW-1/VPN-1 NG/FP3

Establishing two-factor authentication with Check Point and HOTPin authentication server from Celestix Networks

ESET SECURE AUTHENTICATION. Product Manual

DESlock+ Basic Setup Guide ENTERPRISE SERVER ESSENTIAL/STANDARD/PRO

Configuring Steel-Belted RADIUS Proxy to Send Group Attributes

Keeping your VPN protected

Configuring Global Protect SSL VPN with a user-defined port

DIGIPASS Authentication for Cisco ASA 5500 Series

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

Juniper Networks SSL VPN Implementation Guide

DIGIPASS Authentication for GajShield GS Series

External authentication with Fortinet Fortigate UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

External Authentication with Cisco ASA Authenticating Users Using SecurAccess Server by SecurEnvoy

Cisco VPN Concentrator Implementation Guide

MadCap Software. Upgrading Guide. Pulse

External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

NetMotion + YubiRADIUS Quick Start Guide

Configuring Internet Authentication Service on Microsoft Windows 2003 Server

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

Strong Authentication for Juniper Networks

Scan to Quick Setup Guide

ESET NOD32 Antivirus. for Kerio. Installation manual

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

Creating IBM Cognos Controller Databases using Microsoft SQL Server

Immotec Systems, Inc. SQL Server 2005 Installation Document

Configuring Microsoft RADIUS Server and Gx000 Authentication. Configuration Notes. Revision 1.0 February 6, 2003

Configure your firewall for administrative access via RADIUS authentication

Chapter 3 Authenticating Users

How to Secure a Groove Manager Web Site

A brief on Two-Factor Authentication

HOTPin Integration Guide: DirectAccess

Set Up Setup with Microsoft Outlook 2007 using POP3

Authentication Node Configuration. WatchGuard XTM

Establishing two-factor authentication with Barracuda NG Firewall and HOTPin authentication server from Celestix Networks

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

External Authentication with Citrix Access Gateway Advanced Edition

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication

Configuring IBM Cognos Controller 8 to use Single Sign- On

Cisco QuickVPN Installation Tips for Windows Operating Systems

Integration Guide. SafeNet Authentication Service. VMWare View 5.1

HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services

Strong Authentication for Juniper Networks SSL VPN

Stonesoft Firewall/VPN 5.4 Windows Server 2008 R2

Active Directory integration with CloudByte ElastiStor

Identikey Server Getting Started Guide 3.1

Setting Up Scan to SMB on TaskALFA series MFP s.

BroadSoft BroadWorks ver. 17 SIP Configuration Guide

Secret Server Qualys Integration Guide

ESET REMOTE ADMINISTRATOR. Migration guide

Borderware Firewall Server Version 7.1. VPN Authentication Configuration Guide. Copyright 2005 CRYPTOCard Corporation All Rights Reserved

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Protected Trust Directory Sync Guide

SonicWALL SSL VPN 3.5: Virtual Assist

To configure Outlook Express for your InfoMetrics address:

LICENSE MANAGER VERSION 7.2. Procedures for Use of Sentinel LM7.2 Server for CHEMCAD. rev

ZyWALL OTP Co works with Active Directory Not Only Enhances Password Security but Also Simplifies Account Management

Installing and configuring Microsoft Reporting Services

Integrating LANGuardian with Active Directory

NetMotion Mobility XE

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on Mail Tab.

Kaseya 2. User Guide. Version 6.1

External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy

Cisco ASA Authentication QUICKStart Guide

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Getting Started

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Two-Factor Authentication

NovaBACKUP xsp Version 15.0 Upgrade Guide

ESET Mobile Security Business Edition for Windows Mobile

Security Provider Integration RADIUS Server

Configuring User Identification via Active Directory

Device LinkUP + Desktop LP Guide RDP

Accessing the Media General SSL VPN

MICROSOFT ISA SERVER 2006

Digipass Plug-In for IAS troubleshooting guide. Creation date: 15/03/2007 Last Review: 24/09/2007 Revision number: 3

Synchronization Agent Configuration Guide

Application Note. Citrix Presentation Server through a Citrix Web Interface with OTP only

How do I set up a branch office VPN tunnel with the Management Server?

RSA Security Analytics

Strong Authentication for Cisco ASA 5500 Series

Multi-factor Authentication using Radius

Transcription:

ESET SECURE AUTHENTICATION Check Point Software SSL VPN Integration Guide

ESET SECURE AUTHENTICATION Copyright 2013 by ESET, spol. s r.o. ESET Secure Authentication was developed by ESET, spol. s r.o. For more information visit www.eset.com. All rights reserved. No part of this documentation may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise without permission in writing from the author. ESET, spol. s r.o. reserves the right to change any of the described application software without prior notice. Customer Care Worldwide: www.eset.eu/support Customer Care North America: www.eset.com/support REV. 7/22/2013

Contents 1. 2. 3. 4. Overview...4 Prerequisites...4 Integration...5 instructions Troubleshooting...6

1. Overview This document describes how to enable ESET Secure Authentication (ESA) Two-Factor Authentication (2FA) for a Check Point Software SSL VPN appliance. 2. Prerequisites Configuring the VPN for 2FA requires: A functional ESA RADIUS server that has your Check Point SSL VPN configured as a client, as per Figure 1. Note: To prevent locking any existing, non-2fa enabled AD users from your VPN, it is recommended that you allow Active Directory passwords without OTPs during the transitioning phase. It is also recommended to limit vpn access to a security group (vpnusers in this example). A Check Point Software SSL VPN Appliance. Known supported appliances are: VPN-1 Firewall-1 Figure 1 The RADIUS client settings for your Check Point Software VPN device. Note that the check boxes next to Mobile Application,Compound Authentication and Active Directory passwords without OTPs must be selected and the IP 4

Address is the internal address of your Check Point Software appliance. 3. Integration instructions 1. Add a new RADIUS server: a. Open your Check Point SmartDashboard. b. Expand the Servers and OPSEC Applications page. c. Right-click Servers and select New > RADIUS. d. Name your new server (for example, ESA). e. Click New next to the Host field. f. Select General Properties on the left. g. Add a name for the server, which may not be the same name you chose in step d. (for example, ESAradserv). h. Enter the IPv4 address of your ESA RADIUS server. i. Click OK. j. Select New Radius (for port 1812) from the Service drop-down menu. k. Enter your shared secret, as per Figure 1. l. Select PAP as the protocol. m. Click OK. 2. Create a test user: a. Navigate to and expand Users and Administrators. b. Right click Users and select New User > Default. c. In the user properties window, under the general tab, enter the AD user name of your test user (e.g., Alice) d. In the Authentication tab: i. Set the authentication scheme to RADIUS. ii. Select the server you created in step 1-d (for example, ESA). e. Click OK. 3. Test the authentication: a. Launch your SecureClient. b. Enter the credentials of your test user from step 2: i. Ensure that you are using a user that has been configured for Mobile Application 2FA using ESA. ii. In the password field, append the OTP generated by the Mobile Application to your AD password. For example, if the user has an AD password of Esa123 and an OTP of 999111, then type in Esa123999111. 5

4. Troubleshooting If you are unable to authenticate via the ESA RADIUS server, ensure you have performed the following steps: 1. Run a smoke test against your RADIUS server, as described in the Verifying ESA RADIUS Functionality document. 2. If you are still unable to connect, revert to an existing sign-in configuration (that does not use 2FA) and verify that you are able to connect. 3. If you are still able to connect using the old settings, restore the new settings and verify that your firewall is not blocking UDP 1812 between your VPN device and your RADIUS server. 4. If you are still unable to connect, contact ESET technical support. 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information