Use RADIUS (Multifactor) as the first and second factors.Use Username and Password as a first factor and RADIUS (Multifactor) as the second factor.Open the Check Point Security Gateway object settings in the VPN Clients/Mobile Access -> Authentication section: Setting up Remote Access VPN in Check Point Shared Secret: provide value from Multifactor Radius Adapter component settings.Host: Address of MultiFactor Radius Adapter component (create a new object or select an existing one).Select New > Server > More > RADIUS in the objects section: The user confirms his access request with a selected Multifactor authentication method or with a one-time passcode in the Remote Access VPN client (Endpoint Security/MAB).The component or Check Point NGFW checks the user's login and password in Active Directory or Network Policy Server and requests the second authentication factor.Check Point NGFW connects to MultiFactor Radius Adapter component via RADIUS protocol.The user connects to the VPN, enters the login and password in the Remote Access client ( VPN client list with 2fa support).
Install and configure MultiFactor Radius Adapter to allow two-factor authentication.
This article shows how to set up two-factor authentication for Check Point Remote Access VPN client connections.
