This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Daniel_Kavan
MVP Gold
MVP Gold
Wednesday
Jump to solution

VPN user certificate expire dates feature - gone in R82?

Hi mates,

I noticed that the feature to see a list of VPN user certificates and when they expire is no longer in the Mobile Access R82 dashboard.   Is the ICA tool now recommended for this?

R82 Remote Access VPN Administration Guide

 

 

Labels
0 Kudos
1 Solution

Accepted Solutions
the_rock
MVP Gold
MVP Gold
Wednesday
Jump to solution

Hey Dan,

I just confirmed with our SE that ICA mgmt tool is indeed recommended way to this in R82.

Best,

Andy

View solution in original post

13 Replies
the_rock
MVP Gold
MVP Gold
Wednesday
Jump to solution

I noticed that too the other day, lets see if someone can confirm for sure.

Andy

0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
Jump to solution

Hey Dan,

I just confirmed with our SE that ICA mgmt tool is indeed recommended way to this in R82.

Best,

Andy

the_rock
MVP Gold
MVP Gold
Wednesday
In response to the_rock
Jump to solution

@Daniel_Kavan 

If you nneed anything tested in that tool, let me know, I have it set up in the lab.

Andy

0 Kudos
Daniel_Kavan
MVP Gold
MVP Gold
Wednesday
In response to the_rock
Jump to solution

Thanks!    The ICA Management Tool

Funny you ask.   So, I have the tool turned on, however I can't connect to it from my browser.

Expert@mgt1:0]# cpca_client set_mgmt_tool print
Management tool is ON.
Using SSL.
The authorized administrators:

 

.....................Hmmm...can't reach this page

0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
In response to Daniel_Kavan
Jump to solution

Just do below and it will work, then access it on http://mgmt_ip:18265

I mean, its mgmt server, so not a big issue if this has to be doneon port 80. I cant make this work in my lab either, its mgmt I upgraded to R82, but works fine on CLEAN mgmt server.

Andy

[Expert@CP-MANAGEMENT:0]# cpca_client set_mgmt_tool on -no_ssl
Management tool is ON.
Not using SSL.
The authorized administrators:
(
: ("CN=john_smith,OU=users,O=CP-MANAGEMENT..pi6w5j")
)
The authorized users:
()
The authorized custom users:
()
[Expert@CP-MANAGEMENT:0]#

Daniel_Kavan
MVP Gold
MVP Gold
Wednesday
In response to the_rock
Jump to solution

Yes, I can connect with -nossl. 

 A new issue now (sorting), if I put 31-Dec-2025 in the valid to column, I still see certs that expire in 2026.  I just want to see the certs that expire in the next 30 days so I can renew them.

Also, what does remove expired certs do exactly, would it remove the revoked certs.   I put a check in the box for a revoked cert than clicked the option to remove selected certs and nothing happened.  It's still there.

In summary, at least so the ICA management tool is not real helpful.

0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
In response to Daniel_Kavan
Jump to solution

Now, you demand too much lol. For every NEW issue, its new post...jk : - )

Awywho, let me try this in my lab.

Andy

0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
In response to Daniel_Kavan
Jump to solution

What do you get if you search as what I attached?

Andy

Preview file
31 KB
0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
In response to the_rock
Jump to solution

Btw, I just removed all revoked certs in the lab from ica web page, rebooted mgmt server, still all good.

Andy

0 Kudos
Daniel_Kavan
MVP Gold
MVP Gold
Wednesday
In response to the_rock
Jump to solution

no such luck for me, I'll open an issue with TAC.

0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
In response to Daniel_Kavan
Jump to solution

Yea, lets see what they say. Im still trying to fix this to work with ssl on, makes no sense why it does not.

Andy

0 Kudos
Daniel_Kavan
MVP Gold
MVP Gold
Wednesday
In response to the_rock
Jump to solution

That shows expired certs but the idea is to renew them/catch them before they expire.

0 Kudos
the_rock
MVP Gold
MVP Gold
Wednesday
In response to Daniel_Kavan
Jump to solution

Btw, this is how you fix it with ssl on. I will make separate post about it.

Andy

https://support.checkpoint.com/results/sk/sk115742

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events