Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
AntoX01
Participant

Can Check Point Capsule VPN on Android device store Credentials?

Jump to solution

Hi guys,

Can "Check Point Capsule VPN" installed on Android device store the authentication credentials without having to enter the user and password each time to connect?

The only thing I found, besides users complaining that they can't do this, was that maybe it is possible to do it with "Capsule Workspace", is it true? The only document I found, however, says I need to install the R77.30 Add-on. (https://sc1.checkpoint.com/documents/R77/CP_R77_Mobile_Access_WebAdmin/82201.htm

But now there is at least the R81 😉

Hello and thanks very much!

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin

Certificates are based on user/device pair. The certificate is initialised and pulled to a device with a one-time token generated for a specific user. Certificate cannot be transferred to another device. So, user is not prompted for credentials during the process.

View solution in original post

(1)
12 Replies
_Val_
Admin
Admin

If you want seamless auth, use certificate method.

AntoX01
Participant

Thank you very much,
so without using certificates it is not possible to save the credentials and not type them every time?
With the certificate I connect without the credentials, right?

the_rock
Champion
Champion

For certificate, answer is yes. As far as creds, I never figured out way to save them, even if that option is enabled on fw side. It only seems to work for endpoint vpn client, not capsule. I would confirm with TAC 100% to be sure, but Im about 95% sure myself  : - )

(1)
AntoX01
Participant

Thanks the_rock, much appreciated.

0 Kudos
_Val_
Admin
Admin

Certificates are based on user/device pair. The certificate is initialised and pulled to a device with a one-time token generated for a specific user. Certificate cannot be transferred to another device. So, user is not prompted for credentials during the process.

View solution in original post

(1)
AntoX01
Participant

Thank you very much _Val_, then I'll use the certificate.

0 Kudos
AntoX01
Participant

Good Morning @_Val_,  could you recommend me a guide to be able to create certificates for Android for the R81 please? I only found this for 80.40 ... https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_RemoteAccessVPN_AdminGuide/T...

I have understand that the certificates are created for the user, so I can decide to use the certificate only for a real one? And the other users instead continue to log in with the password. it is true?

Thank you very much and have a nice day!

0 Kudos
_Val_
Admin
Admin

Same chapter exists in R81 guide as well: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_RemoteAccessVPN_AdminGuide/Topics-...

 

That part I do not understand:

>>>I have understand that the certificates are created for the user, so I can decide to use the certificate only for a real one? And the other users instead continue to log in with the password. it is true?

 Can you please re-phrase the question?

0 Kudos
AntoX01
Participant

Of course, thanks.

The question is: if I enable the certificate for only one user, will other users continue to enter with the password without problems?

0 Kudos
_Val_
Admin
Admin

Of course. You manage user certs on a user basis 🙂

0 Kudos
_Val_
Admin
Admin
0 Kudos
AntoX01
Participant

Thank you very much @_Val_ ! Have a nice day!

0 Kudos