Configuring a RADIUS Server

You can configure the RADIUS server (Remote Authentication Dial In User Service) that provides authentication, authorization, and accounting for Small Office Appliance gateways. You can configure RADIUS in the ProvisioningClosed Check Point Software Blade on a Management Server that manages large-scale deployments of Check Point Security Gateways using configuration profiles. Synonyms: SmartProvisioning, SmartLSM, Large-Scale Management, LSM. Profile once for all gateways assigned to this profile. The RADIUS server must be already defined as a SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. object.

You can configure your appliance to contact more than one RADIUS server. If the first server in the list is unreachable, the next RADIUS server in the list is contacted to authenticate with. If the list is empty, the RADIUS option is turned off on the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources..

  1. In the Devices window, double-click the Small Office Appliance object.

    The Security Gateway window opens.

  2. Select the RADIUS tab.

  3. Select Use the following settings.

  4. Click Add to add RADIUS servers that were defined in SmartConsole, select a RADIUS server from the list.

  5. Click OK.

  6. To remove a server, select a server in the list and click Remove.

  7. Use Up/Down to set the priority used for contacting RADIUS servers.

  8. Click Allow administrators from specific RADIUS groups only (comma separated) to allow authentication from specified groups as defined on the RADIUS server. Only administrators which belong to those groups can get access.

  9. Click OK.