This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MiniNinja
Collaborator
‎2023-08-14 11:14 AM

Microsoft CA integration for Remote access vpn users

Good afternoon.
Installed Checkpoint 5400 81.10 with Ipsec VPN blades, mobile access, identity awareness.

The identity collector is deployed and connected to Microsoft AD.

In addition, a Microsoft CA is deployed and its certificate is added to the Trusted CA object.

I can't find step-by-step instructions on how to configure it so that users of remote vpn access can either generate a certificate through the Microsoft CA portal and select it when connecting, or the gateway itself requests a certificate for the user and installs it for connection.

 

Labels
1 Reply
PhoneBoy
Admin
Admin
‎2023-08-29 05:20 PM

Can't give you the exact steps, but here they are at a high level:

1. Import the relevant CA key into a new Trusted CA object similar to: https://support.checkpoint.com/results/sk/sk149253
2. Configure LDAP for Remote Access with an AD server: https://support.checkpoint.com/results/sk/sk31841 

You can specify Certificate as the authentication method in the relevant user template.
As long as the certificate has the same CN as what's in LDAP, you should be good to go.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events