https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50721#M3752 Mobile access blade is indeed enabled and the certificate under it's portal settings is set the .p12 wild card certificate.<BR /><BR />Is there a way to confirm that the remote access clients are now using the same certificate as one applied in the mobile access settings? Fri, 12 Apr 2019 10:21:26 GMT Udupi_krishna 2019-04-12T10:21:26Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50717#M3750 <P>Hi All,</P><P>&nbsp;</P><P>Has anyone tried importing a wild card certificate into the IPsec VPN repository?. I am looking to change the default certificate which is shown to VPN clients, (General Properties &gt; VPN Clients &gt; "the gateway authenticates with this certificate".</P><P>We have a client using a wildcard cert from GoDaddy for other services. I tried following the documentation in terms of adding the cert CA and intermediate CA and creating the CSR request under the IPSec VPN repository.&nbsp;</P><P>The challenge is I cannot use this enrollment request since this task is already down outside the firewall. Is there a way to import the certificate since it throws an error on Smart Console (R80.20 mgmt and gw). "the new issued certificate does not match the enrollment request" which is expected.</P><P>&nbsp;</P> Fri, 12 Apr 2019 10:00:10 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50717#M3750 Udupi_krishna 2019-04-12T10:00:10Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50720#M3751 <P>Do you have the mobile access blade enabled on the gateway?</P><P>If you have you will be able to import the p.12 from the relative blade settings and then remote access client will use this certificate to authenticate from the gateway , at least this is what tac told me in one sr since I have the same request , but at the moment I don' t know if you don't have the mobile access blade enabled</P> Fri, 12 Apr 2019 10:12:35 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50720#M3751 Marco_Valenti 2019-04-12T10:12:35Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50721#M3752 Mobile access blade is indeed enabled and the certificate under it's portal settings is set the .p12 wild card certificate.<BR /><BR />Is there a way to confirm that the remote access clients are now using the same certificate as one applied in the mobile access settings? Fri, 12 Apr 2019 10:21:26 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50721#M3752 Udupi_krishna 2019-04-12T10:21:26Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50744#M3754 <P>you can delete the site on one of the client using the endpoint/win10 plugin and see wich certificate is pronted</P> Fri, 12 Apr 2019 12:24:55 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/50744#M3754 Marco_Valenti 2019-04-12T12:24:55Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/51122#M3822 This procedure and the earlier info on Certificate referenced under Mobile access blade portal settings was right on. Thanks for your inputs, appreciate it.<BR />Saved me a TAC case <span class="lia-unicode-emoji" title=":winking_face:">😉</span> Wed, 17 Apr 2019 04:33:46 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/51122#M3822 Udupi_krishna 2019-04-17T04:33:46Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/51141#M3825 <P>glad to help <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Wed, 17 Apr 2019 09:01:13 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Wildcard-Certificate-IPsec-VPN-repository/m-p/51141#M3825 Marco_Valenti 2019-04-17T09:01:13Z