Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

RA VPN with Multiple Authentication

Jump to solution

Hello everybody,


Today my users access the RA VPN using the LDAP authentication, I want to use the same LDAP authentication with a personal certificate, I have checked on CP_R80.10_RemoteAccessVPN_AdminGuide.pdf and here is possible see that is possible to use, but I couldn´t found the steps to configure.

 

Anyone can suggest me one SK to follow to do this configuration?

 

 

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Admin
Admin

The user provides the certificate (either the P12 file or from the certificate store), which must be signed by a trusted CA.
If you're not using the internal CA for this, you will have to create the relevant object for it (called an OPSEC CA) and import its public key.

View solution in original post

5 Replies
Highlighted
Admin
Admin
What you're looking for is Multiple Login Options.
Even the SK that mentions it refers you back to the documentation.
Here's an HTML version: https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_RemoteAccessVPN_AdminGuide/h...
0 Kudos
Highlighted
Explorer

Hi PhoneBoy,

One question, if a choose the option "Certificate + username Password" were CP will get this information ? today I have one certificate installed on my domain machines, my idea is to allow the VPN connection just to hosts with this certificate because today a user can use an external host to connect on VPN.

0 Kudos
Highlighted
Admin
Admin

The user provides the certificate (either the P12 file or from the certificate store), which must be signed by a trusted CA.
If you're not using the internal CA for this, you will have to create the relevant object for it (called an OPSEC CA) and import its public key.

View solution in original post

Highlighted
Explorer
Thanks man.
0 Kudos
Highlighted
Participant

Hello PhoneBoy,

Is this same for R80.40? For RA vpn can I use as authentication 2 mandatory option LDAP user name and pass and at the same time certificate that will be generated on ldap server and what are steps to implement this?

0 Kudos