cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Jump to solution

Hello!

I'm trying to find documentation for configuring R80.10 Remote Access to authenticate users with a certificate issued by an external CA, in this case, Active Directory Certificate Services.

I have found Check Point's documentation for using the internal CA, but it doesn't talk that much about external CA.

Thanks!

1 Solution

Accepted Solutions

Re: How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Jump to solution

I've finaly solved my problem! The error on my endpoint vpn client was: 

Internal error; connection failed. More details may be available in the logs"
Looking on support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga... 
I solved exporting my personal certificate as .pfx, switched the client authentication to .p12 and everything worked.
After that I re installed the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

4 Replies

Re: How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Jump to solution

i am trying to do the same on my side Smiley Happy

i opened a topic : https://community.checkpoint.com/thread/7304-remote-client-vpn-authentication-with-certificate 

maybe we can join forces and find a workable solution.

Re: How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Jump to solution

Hi, I've the same problem. I need to authenticate my ldap users with certificate and username + password. 

With only username and password everything works but with certificates I've the same problem of Catrina.

Did anybody of you solve this problem?

Re: How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Jump to solution

I've finaly solved my problem! The error on my endpoint vpn client was: 

Internal error; connection failed. More details may be available in the logs"
Looking on support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga... 
I solved exporting my personal certificate as .pfx, switched the client authentication to .p12 and everything worked.
After that I re installed the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

Re: How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA

Jump to solution

Hi is there any steps for this ? for ADCS ?

I found the below online, is there any other docs on Checkpoint ?

Any help is appreciated 

 https://itsecworks.com/2012/05/09/external-ca-for-remote-access-vpn/

0 Kudos