https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196102#M7281 <P>Hi Aaron,</P><P>Did you manage to get this sorted out? I'm about to integrate Onelogin for remote VPN as well, and am trying to figure out what to expect.</P><P>Thanks,<BR />Daniel</P> Wed, 25 Oct 2023 08:11:13 GMT Daniel_Cimpeanu 2023-10-25T08:11:13Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/139544#M7280 <P>I am trying to setup Saml authentication for remote access VPN. I would like to use OneLogin as my IdP. I have been using&nbsp;<A href="http://downloads.checkpoint.com/dc/download.htm?ID=114551" target="_blank">http://downloads.checkpoint.com/dc/download.htm?ID=114551</A>&nbsp;as the basis for setting this up. I am having several issues and was hoping someone could give me some insight.</P><P>1. I am getting a 500 error after authenticating via onelogin. I assume I am not sending the token back correctly to the gateway, How would I go about finding logs/troubleshooting the issue?</P><P>2. Is it possible to have users who login using just ldap queries to AD and not through SAML authentication and other users which use the SAML authentication process? It seems to me to be possible as there are different realms for each situation, but I have received conflicting advice,</P><P>3. How do I create per user/group access rules for my SAML users? Do I use Identity tags? Does someone have a good resource for this?</P><P>&nbsp;</P><P>If anyone has any experience using an IdP which is not Azure AD in this use case, I would appreciate any insight</P><P>Thanks&nbsp;</P><P>Aaron</P> Wed, 26 Jan 2022 09:24:25 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/139544#M7280 Aaron_Zelechow 2022-01-26T09:24:25Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196102#M7281 <P>Hi Aaron,</P><P>Did you manage to get this sorted out? I'm about to integrate Onelogin for remote VPN as well, and am trying to figure out what to expect.</P><P>Thanks,<BR />Daniel</P> Wed, 25 Oct 2023 08:11:13 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196102#M7281 Daniel_Cimpeanu 2023-10-25T08:11:13Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196469#M7282 <P><SPAN>Hi Daniel, In the end we used Onelogin Radius for the solution.</SPAN><BR /><SPAN>However, since R81.20 has come out I haven't had problems setting up</SPAN><BR /><SPAN>SAML authentication. I have set it up several times with Azure AD, I</SPAN><BR /><SPAN>imagine that it shouldn't be that different with Onelogin.</SPAN><BR /><SPAN>Aaron</SPAN></P> Sat, 28 Oct 2023 14:31:27 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196469#M7282 Aaron_Zelechow 2023-10-28T14:31:27Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196472#M7283 <P>Its pretty straight forward and easy to configure, no issues with it in R81.20</P> <P>Andy</P> Sat, 28 Oct 2023 14:51:48 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/SAML-Authentication-for-remote-access-vpn-Onelogin/m-p/196472#M7283 the_rock 2023-10-28T14:51:48Z