Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Louis_Poulin
Collaborator
Jump to solution

How to configure Remote Access (user VPN) to authenticate with a certificate from an external CA (ADCS)

Hello!

I'm trying to find documentation for configuring R80.10 Remote Access to authenticate users with a certificate issued by an external CA, in this case, Active Directory Certificate Services.

I have found Check Point's documentation for using the internal CA, but it doesn't talk that much about external CA.

Thanks!

1 Solution

Accepted Solutions
Claudio_Bolcato
Contributor

I've finaly solved my problem! The error on my endpoint vpn client was: 

Internal error; connection failed. More details may be available in the logs"
Looking on support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga... 
I solved exporting my personal certificate as .pfx, switched the client authentication to .p12 and everything worked.
After that I re installed the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

View solution in original post

4 Replies
ovidiu_catrina
Contributor

i am trying to do the same on my side Smiley Happy

i opened a topic : https://community.checkpoint.com/thread/7304-remote-client-vpn-authentication-with-certificate 

maybe we can join forces and find a workable solution.

Claudio_Bolcato
Contributor

Hi, I've the same problem. I need to authenticate my ldap users with certificate and username + password. 

With only username and password everything works but with certificates I've the same problem of Catrina.

Did anybody of you solve this problem?

Claudio_Bolcato
Contributor

I've finaly solved my problem! The error on my endpoint vpn client was: 

Internal error; connection failed. More details may be available in the logs"
Looking on support center I found this sk: Endpoint Security VPN client using SHA256 certificate from the CAPI store fails to connect to VPN Ga... 
I solved exporting my personal certificate as .pfx, switched the client authentication to .p12 and everything worked.
After that I re installed the exported certificate and switched back to CAPI.
Now the connection works perfectly.

I hope this can help some of you.

TOM_MORAN
Contributor

Hi is there any steps for this ? for ADCS ?

I found the below online, is there any other docs on Checkpoint ?

Any help is appreciated 

 https://itsecworks.com/2012/05/09/external-ca-for-remote-access-vpn/

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events