Machine certificate authentication and VSX

Teddy_Brewski — Mon, 17 Jul 2023 09:08:44 GMT

Hello,

Not sure if I hit the bug or I'm doing something wrong -- any advise would be greatly appreciated.

VSX R80.40 Take 154 with two VSs -- both offer VPN connectivity for EndPoint clients (using internal Check Point username/password).

I started working on machine certificate authentication on the second VS, and after setting Machine Certificate Authentication to Mandatory (under gateway > VPN Clients > Authentication) clients connecting to the first VS (without Machine Certificate Authentication selected at all) got affected too. The tunnel can be established, but no traffic passing through.

After changing it to When Available, the issue is back to normal.

Thank you.

Re: Machine certificate authentication and VSX

_Val_ — Mon, 17 Jul 2023 08:35:11 GMT

Hey, you tagged the post as Site to Site VPN, but it is in fact for Remote Access VPN, correct?

Re: Machine certificate authentication and VSX

PhoneBoy — Tue, 18 Jul 2023 20:22:50 GMT

As far as I know, this should be supported on VSX.
Recommend a TAC case: https://help.checkpoint.com

topic Re: Machine certificate authentication and VSX in SASE and Remote Access

Machine certificate authentication and VSX

Re: Machine certificate authentication and VSX

Re: Machine certificate authentication and VSX