topic Re: R82.00.10 Remote Access using Cert seems broken in Spark Firewall (SMB)

R82.00.10 Remote Access using Cert seems broken

HerbertP — Wed, 08 Apr 2026 12:46:02 GMT

Hello,

after following the issues with R82.00.10 for a while, I have now tried to upgrade one locally managed appliance 1535 to

R82.00.10.

Now clients using remote acess with certificate based auth can no longer reach internal hosts via vpn.

Windows and IOS Client (cert based auth is the only working way to use vpn on demand and split tunneling on IOS) can connect, the office mode address is assigned and routing seems to be correctly set on the client, but traffic does not reach internal sites.

When the client is connected, the UI VPN/Connected remote users does not show that the users are connected.

Is this an know issue, is there a solution, as this completly breaks functionality.

Thanks

Re: R82.00.10 Remote Access using Cert seems broken

Chris_Atkinson — Wed, 08 Apr 2026 14:40:15 GMT

Suggest this will need an SR with TAC if not already?

Please also confirm the build of R82.00.10 image used and the applicable Endpoint client version/s?

Re: R82.00.10 Remote Access using Cert seems broken

PhoneBoy — Wed, 08 Apr 2026 15:17:53 GMT

What build of R82.00.10 did you load?
There's a known issue with certificate validation in some releases: https://support.checkpoint.com/results/sk/sk184766
My understanding is that build 998002133 (currently linked in the R82.00.10 SK) should contain the CRL fix.

Re: R82.00.10 Remote Access using Cert seems broken

HerbertP — Wed, 08 Apr 2026 15:42:03 GMT

The build 998002133 is exactly the version I have loaded. This seems to be an issue, where after successful auth. the traffic on the smb device is not linked to the user that has been authenticated.
When the clients are connected and authenticated, I can see traffic drops originating from the clients office mode ip. When I add a rule src:<dynamic-office-mode-ip> the traffic passes instead of being matched via the remote access rule (user, not group) that worked in previous versions.

Additionally the gw ui does not show the connected user as authenticated.

To me this is bug on the gw-side.

Re: R82.00.10 Remote Access using Cert seems broken

PhoneBoy — Wed, 08 Apr 2026 16:26:49 GMT

You wouldn't be getting this far if the CRL bug were involved.
Suggest a TAC case here.

Re: R82.00.10 Remote Access using Cert seems broken

HerbertP — Tue, 14 Apr 2026 11:11:07 GMT

TAC does not seem to be able to help, due to misunderstanding how certificate based authentication works / and is setup in general.

I am beginning to believe, that support for this product again is not at all working/reliable and that setting up business cases with this risky.

When I startet with checkpoint back in 2004, support offered world class support.

--Philip

Re: R82.00.10 Remote Access using Cert seems broken

ohadp — Tue, 14 Apr 2026 12:15:08 GMT

Hi @HerbertP

My name is Ohad, and I’m from the SMB R&D team. Please feel free to reach out to me at ohadp@checkpoint.com.

I’d be happy to assist with your case.

Ohad

Re: R82.00.10 Remote Access using Cert seems broken

Dafna — Tue, 14 Apr 2026 15:29:24 GMT

Can you please share the output of:
ps aux | grep pdp (expert mode)

Re: R82.00.10 Remote Access using Cert seems broken

HerbertP — Tue, 14 Apr 2026 15:39:03 GMT

.. does not seem to be running

[Expert@XXXX-XXXX-GW-BN]# ps aux | grep pdp
root 18843 0.0 0.0 4484 784 pts/0 S+ 17:36 0:00 grep pdp
[Expert@XXXX-XXXX-GW-BN]#