- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Re: Keep VPN connected when switching windows user...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Keep VPN connected when switching windows users
Hi,
Before I ask TAC, I would like to use the wisdom of the crowd.
Is there a way to keep Endpoint Security Client connected while switching between windows users (windows 10)?
Let me explain my need:
Let's say I have a user connected from a laptop to the VPN and now I want to create a new user on the laptop, in order to get a roaming user profile, the user has to be connected to the Domain and to the network and this can be done only via VPN. If I can log-in with one user, connect to the VPN and then switch to the new user while the VPN is connected I will be able to get the roaming user profile directly after login.
Is there a way to support this scenario using Endpoint Security?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As far as I know, you should be able to do this.
In fact, we have a note about this here saying that any user logged into the same system will also have access: Check Point Remote Access Solutions
Earlier versions of the client definitely didn't support this, though: Multiple logged in users (Fast User Switching) is not supported
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
A customer recently reported this behaviour to me as a perceived 'problem' but from what Dameon says and the note in sk67820 it does appear to be "by design". The behaviour reported to me was that "switch user" (on Windows 10) appeared to drop the remote access VPN tunnel whereas if the logged in user (user1) locked the screen and another user (user2) logged in as "Other User" then the tunnel from user1 would still be up & working....
This particular customer wanted to prevent this scenario, so i believe the solution in this case would be a Windows control to prevent both switching and "other user" login capability?
interested to know if anyone else has encountered this ...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To prevent this you can set the "Disconnect when device is idle" in global properties
But, Does the second user able to login via the first user VPN?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Shahar, will give that a go
yes, once the user2 logs into Windows, then they can access all corporate resources as if they were user1...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is really interesting!!
I will give it a try although it sounds like a bug
Do you know which authentication method is used in this case?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes in this case we configure User Certificate authentication CAPI with Cert verification against backend AD Certificate Authority and User checking against AD Group Membership.
In this example user2 does not belong to the “remote VPN allowed” AD group but user1 does !
---
Regards,
Patrick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So the second user "piggy backs" on the first user tunnel.
Which Endpoint version are you using
Cool, I will try that.
Thanks
Patrick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Did you ever find a solution to keep VPN connected when switching windows users? I'm facing the same challenge.
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which client version and authentication method is used?
For reference E84.30 (old) fixed an issue where the VPN disconnects when the Windows desktop locks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
E87.20. Authenticating with Certificate - P12