This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
Louis_Poulin
Collaborator
‎2018-04-11 03:44 PM

How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Jump to solution

Hello!

I'm trying to find documentation for configuring R80.10 Remote Access to authenticate users with a certificate issued by an external CA, in this case, Active Directory Certificate Services.

I have found Check Point's documentation for using the internal CA, but it doesn't talk that much about external CA.

Thanks!

1 Solution

Accepted Solutions
Claudio_Bolcato
Contributor
‎2018-07-08 01:42 AM
In response to Claudio_Bolcato

Jump to solution

I've finaly solved my problem! The error on my endpoint vpn client was: 

Internal error; connection failed. More details may be available in the logs"
Looking on support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga... 
I solved exporting my personal certificate as .pfx, switched the client authentication to .p12 and everything worked.
After that I re installed the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

View solution in original post

4 Replies
ovidiu_catrina
Contributor
‎2018-04-12 01:47 AM

Jump to solution

i am trying to do the same on my side Smiley Happy

i opened a topic : https://community.checkpoint.com/thread/7304-remote-client-vpn-authentication-with-certificate 

maybe we can join forces and find a workable solution.

Claudio_Bolcato
Contributor
‎2018-07-01 01:19 PM

Jump to solution

Hi, I've the same problem. I need to authenticate my ldap users with certificate and username + password. 

With only username and password everything works but with certificates I've the same problem of Catrina.

Did anybody of you solve this problem?

Claudio_Bolcato
Contributor
‎2018-07-08 01:42 AM
In response to Claudio_Bolcato

Jump to solution

I've finaly solved my problem! The error on my endpoint vpn client was: 

Internal error; connection failed. More details may be available in the logs"
Looking on support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga... 
I solved exporting my personal certificate as .pfx, switched the client authentication to .p12 and everything worked.
After that I re installed the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

TOM_MORAN
Contributor
‎2019-03-29 01:39 PM
In response to Claudio_Bolcato

Jump to solution

Hi is there any steps for this ? for ADCS ?

I found the below online, is there any other docs on Checkpoint ?

Any help is appreciated 

 https://itsecworks.com/2012/05/09/external-ca-for-remote-access-vpn/

0 Kudos