This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
AkosBakos
MVP Silver
MVP Silver
‎2024-10-02 12:43 AM

Remote Access VPN - certificate based login

Hi CheckMates,

I need your help. 

I have a VPN setup, where de user is authenticated by DN. The disadvantage of this, if I move the user to an another OU, the DN changes. (Un)fortunately, the user certificate  is stored on an external smarcard. In this case I need to recreate the user cert and put it to the smartcard. I have 100+ users.

I changed the auth setting to UPN. The VPN connection is unsuccessful until I recreate the site. After this, everything works as expected.

How can I centrally modify the trac.config? 

Every tip and advice are appreciated.

I don't have Harmony, only SCCM.

Akos

----------------
\m/_(>_<)_\m/
0 Kudos
5 Replies
G_W_Albrecht
MVP Silver
MVP Silver
‎2024-10-02 02:06 AM

https://community.checkpoint.com/t5/Remote-Access-VPN/Possible-to-create-trac-default-from-trac-conf...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
AkosBakos
MVP Silver
MVP Silver
‎2024-10-02 02:14 AM
In response to G_W_Albrecht

Thank, but this SK is deleted

https://support.checkpoint.com/results/sk/sk94273

Akos

----------------
\m/_(>_<)_\m/
0 Kudos
PhoneBoy
Admin
Admin
‎2024-10-02 08:19 AM
In response to AkosBakos

The cpmsi_tool is mentioned in https://sc1.checkpoint.com/documents/RemoteAccessClients_forWindows_AdminGuide/Content/Topics-RA-VPN... 
The tool is also distributed with SmartConsole ( in C:\Program Files (x86)\CheckPoint\SmartConsole\VERSION\PROGRAM\util )

0 Kudos
AkosBakos
MVP Silver
MVP Silver
‎2024-10-02 02:38 AM
In response to G_W_Albrecht

Is that possible, the trac.conf doesn't contain that information which relevant for the field selection (DN or UPN) from the user point of view?

Akos

----------------
\m/_(>_<)_\m/
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events