Authentication on a RADIUS Server over MS-CHAPv2 with UPN

To enable authentication of Remote Access VPN Clients on a RADIUS server over Microsoft Challenge-Handshake Authentication Protocol (MS-CHAPv2) with UPN (<username>@<domain>):

1. Connect to the command line on the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. / each Cluster Member Security Gateway that is part of a cluster..

2. Log in to the Expert mode.

3. Get the current value:

   ckp_regedit -p SOFTWARE/Checkpoint/VPN1 | grep --color RADIUS_MSCHAPV2_UPN

4. To enable this feature:

   ckp_regedit -a SOFTWARE/Checkpoint/VPN1 RADIUS_MSCHAPV2_UPN -n 1

   This command applies immediately and does not require a restart.
   

   To disable this feature:

   ckp_regedit -a SOFTWARE/Checkpoint/VPN1 RADIUS_MSCHAPV2_UPN -n 0