Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
tarsonflorencio
Participant

OKTA AS IDP FOR CHECK POINT VPN CLIENT

Hello everyone, good afternoon, how are y'all?

We have successfully integrated OKTA as an identity provider via SAML 2.0 for authentication of Check Point VPN through the browser (SSL Bookmark), which works perfectly. However, when attempting authentication through the VPN Mobile Client, we encountered an error immediately after passing the authentication by OKTA: “Access denied. The destination of your request has not been configured, or you do not have authorization to access it” (403), as illustrated in the image below.

I suspect the problem is related to authorization configurations in the VPN, as we have tried several other configurations without success. The External User Profile object is set up as Generic and the authentication scheme is set to IDP.

Could you help us resolve this situation? I believe your assistance and detailed analysis could be decisive.image.png

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

What version/JHF are the gateway and management?
Please make sure you meet all the requirements here: https://support.checkpoint.com/results/sk/sk172909 

tarsonflorencio
Participant

Hey Buddy, The version is R81.20 Jumbo Hotfix Take 41. 
Thank you so much, I'll take a look at this link.

0 Kudos
the_rock
Legend
Legend

To me at least, logically, that error does not indicate OKTA issue, but rather access policy for mobile access...something there is missing or not allowed, seems like.

Andy

tarsonflorencio
Participant

Nice clue man, I'll check on the access policy for mobile access.
Appreciate

0 Kudos
the_rock
Legend
Legend

Sounds good.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events