07-12-2023 06:06 AM
Hi All,
We have encountered an issue with the implementation of dot1.x on our remote access VPN users. Since the implementation, we have noticed that our remote access users are unable to log in using their Active Directory username. Instead, we are required to create a new user for them and add this user in Checkpoint, selecting the RADIUS authentication type.
This has caused inconvenience for both our team and the remote access users. Can anyone please help me address this issue?
FYI we use Checkpoint Firewall for Remote access VPN Termination.
07-12-2023 06:11 AM
@henockk 802.1X is only used for Wired or Wireless authentication, not Remote Access VPN; RADIUS can still authenticate these sessions, though.
It sounds like your CheckPoint is not configured for RADIUS authentication correctly. Please provide more information on your configuration and how ISE is set up to authenticate the Remote Access VPN users.
07-12-2023 06:55 AM
@Rob Ingram I know it is only used for Wired or Wireless authentication. However, only the 802.1x-applied devices are not working using their AD credentials.
07-12-2023 10:12 AM
@henockk OK, understood. You still need to provide some information on what is configured and what errors you are seeing. Provide some screenshots and error logs.
07-12-2023 08:20 AM
802.1x is L2 security.
If remote access is connected to your WLC or SW and you have a RADIUS server, then you can auth the remote access PC.
Then you can use remote access auth, which is L3 security.
If you connect via the internet, then you can use RADIUS for username/password auth for the remote access; no need for 802.1x.
07-14-2023 06:19 AM
I agree with @Rob Ingram, we need more info to be shared. However, from the description you gave, it does seem the CheckPoint firewall is not relaying the authentication requests to the RADIUS server properly.
07-19-2023 08:22 AM
Please read How to Ask The Community for Help.
There is very basic information that is required for any troubleshooting.
Please call TAC if you are unable or unwilling to share it with your peers.