How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Hello!

I'm trying to find documentation for configuring R80.10 Remote Access to authenticate users with a certificate issued by an external CA, in this case, Active Directory Certificate Services.

I have found Check Point's documentation for using the internal CA, but it doesn't talk that much about external CA.

Thanks!

1 Solution

Accepted Solutions

I've finally solved my problem! The error on my endpoint VPN client was:

"Internal error; connection failed. More details may be available in the logs"

Looking on the support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga...

I solved it by exporting my personal certificate as .pfx, then switched the client authentication to .p12, and everything worked.
After that I reinstalled the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

4 Replies
I am trying to do the same on my side.

I opened a topic: https://community.checkpoint.com/thread/7304-remote-client-vpn-authentication-with-certificate

Maybe we can join forces and find a workable solution.

Hi, I have the same problem. I need to authenticate my LDAP users with certificate and username + password.

With only username and password everything works, but with certificates I have the same problem as Catrina.

Did any of you solve this problem?

Hi, are there any steps for this? For ADCS?

I found the below online. Are there any other docs on Check Point?

Any help is appreciated.

 https://itsecworks.com/2012/05/09/external-ca-for-remote-access-vpn/