Test the Check Point RADIUS integration

Test the Check Point RADIUS integration.

The detailed web sequence is listed below and shown in this diagram.

  1. User Logs in with Username/Password
  2. Gateway receives data and forwards via Radius to Okta RADIUS Server Agent
  3. Okta RADIUS Server Agent sends to Okta Identity Cloud
  4. Okta Identify Cloud Determines the Authentication source and responds or optionally forwards to on-prem directory agent
  5. Optional: Directory Agent sends Password to Directory
  6. Optional: Directory Confirms the password
  7. Optional: Directory Agent Confirms the password to Okta Identity Cloud
  8. Okta Identity Cloud evaluates the authentication policy and as required sends a message to the Okta RADIUS Server Agent to challenge the user for a factor
  9. The Okta RADIUS Server Agent relays the challenge message to the Gateway
  10. The Gateway displays a message to select a factor to the user
  11. User supplies the desired factor
  12. Gateway receives data and forwards via Radius to Okta RADIUS Server Agent
  13. Okta RADIUS Server Agent sends to Okta Identity Cloud
  14. Okta Identify Cloud evaluates the Choice and triggers the appropriate response (push message shown)
  15. Push message is received and Responded to by the user
  16. Success Message returned to the Okta RADIUS Server Agent
  17. Success Message returned to the gateway
  18. Connected

Test 1 - Connect a remote access VPN client to the gateway

  1. Download and install one of the latest VPN clients such as the Windows client described in the Remote Access Solutions sk67820. For example, the E80.82 Standalone Remote Access client for WIndows.
  2. Enter the server address, then click Next. Select Standard.
  3. Select Username and Password as the Authentication Method.
  4. Click Finish, then Connect.
  5. Enter your Okta Username and Password. If Multifactor authentication is setup, then follow the prompts to complete the Challenge-Response process.
  6. Verify your laptop is assigned virtual interface with IP address belong to network 172.16.10/24.

  7. (Optional): Verify that you can access the web server in the private network behind Check Point.

Test 2 - Browser access to the Check Point Mobile Access SSL VPN portal

  1. Enter the URL that is defined in configuration of Mobile access into a browser. The default is: https://VPNAccessIP/sslvpn:
  2. Select the Username Password for the Login Option:

  3. Enter the User name and Password, and you will login to the Check Point Mobile Portal: