Create a Post
Showing results for 
Search instead for 
Did you mean: 

Microsoft CA integration for Remote access vpn users

Good afternoon.
Installed Checkpoint 5400 81.10 with Ipsec VPN blades, mobile access, identity awareness.

The identity collector is deployed and connected to Microsoft AD.

In addition, a Microsoft CA is deployed and its certificate is added to the Trusted CA object.

I can't find step-by-step instructions on how to configure it so that users of remote vpn access can either generate a certificate through the Microsoft CA portal and select it when connecting, or the gateway itself requests a certificate for the user and installs it for connection.


1 Reply

Can't give you the exact steps, but here they are at a high level:

1. Import the relevant CA key into a new Trusted CA object similar to:
2. Configure LDAP for Remote Access with an AD server: 

You can specify Certificate as the authentication method in the relevant user template.
As long as the certificate has the same CN as what's in LDAP, you should be good to go.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events