This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Aaron_Zelechow
Participant
‎2022-01-26 01:24 AM

SAML Authentication for remote access vpn - Onelogin

I am trying to setup Saml authentication for remote access VPN. I would like to use OneLogin as my IdP. I have been using http://downloads.checkpoint.com/dc/download.htm?ID=114551 as the basis for setting this up. I am having several issues and was hoping someone could give me some insight.

1. I am getting a 500 error after authenticating via onelogin. I assume I am not sending the token back correctly to the gateway, How would I go about finding logs/troubleshooting the issue?

2. Is it possible to have users who login using just ldap queries to AD and not through SAML authentication and other users which use the SAML authentication process? It seems to me to be possible as there are different realms for each situation, but I have received conflicting advice,

3. How do I create per user/group access rules for my SAML users? Do I use Identity tags? Does someone have a good resource for this?

 

If anyone has any experience using an IdP which is not Azure AD in this use case, I would appreciate any insight

Thanks 

Aaron

0 Kudos
3 Replies
Daniel_Cimpeanu
Collaborator
‎2023-10-25 01:11 AM

Hi Aaron,

Did you manage to get this sorted out? I'm about to integrate Onelogin for remote VPN as well, and am trying to figure out what to expect.

Thanks,
Daniel

0 Kudos
Aaron_Zelechow
Participant
‎2023-10-28 07:31 AM
In response to Daniel_Cimpeanu

Hi Daniel, In the end we used Onelogin Radius for the solution.
However, since R81.20 has come out I haven't had problems setting up
SAML authentication. I have set it up several times with Azure AD, I
imagine that it shouldn't be that different with Onelogin.
Aaron

the_rock
Legend
Legend
‎2023-10-28 07:51 AM
In response to Aaron_Zelechow

Its pretty straight forward and easy to configure, no issues with it in R81.20

Andy

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events