- CheckMates
- :
- Products
- :
- General Topics
- :
- Remote access community participating group using ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Remote access community participating group using Azure saml authentication
Hi Mates,
I have configured Azure saml authentication for remote access vpn. During testing, We are getting "Negotiation with site is failed" error message on client side and "user does not belong to remote access community" in smart console.
When I changed remote access vpn community participating group to "all user", we are able to authenticate for remote vpn using saml.
Question here is, can I map Azure identity provider group in remote access community participating group? because it does not show any identity provider group when I try to add in participating group. Or I need to keep "All user" in participating group?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Create groups as described here: https://support.checkpoint.com/results/sk/sk177267
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks, Phoneboy. I have already created and tested with group name EXT_ID_ with no luck. I will verify configuration with Azure administrator.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The sk Phoneboy gave you is definitely good place to start. One of my colleagues and I had to do this for a large customer.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I attached a doc that hopefully is helpful to you.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @the_rock for sharing document. I will verify.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hope it really helps you, as we always follow it and works fine. Let me know if any issues.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have followed sk177267 & sk172909 to define group in Azure. Still, it was not working, Lastly, we have configured each group has its own role which you mentioned in supplementary instruction document (Undocumented step – CRUCIAL). It did the trick. Now it is working as expected.
Thanks again for sharing supplementary instruction document.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I agree, thats super important step. My colleague and I got that from Azure documentation, I will write a feedback about it in the sk.
Best,
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Okay, just submitted a feedback.
Andy
