Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ob1lan
Collaborator
Jump to solution

SAML Authentication for smartphones client

Hi,

We successfully enable SAML authentication with Okta for our Windows and MacOS clients. This is working great, and allow us to have MFA for our Remote Access users.

However, it appears some of our users also connect to our network using their smartphones (Android & iOS) and Capsule app. Is there a way we could provide SAML authentication to those devices ? 

If that's not (yet) possible, can we lock Windows & MacOS clients to the authentication option using SAML, and restrict the use of 'username/password' only to Capsule clients ?

Thanks in advance.

Regards.

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

SAML Support for the Android/iOS VPN client is not possible at the moment and would require an RFE.
If you have this requirement, I recommend bringing it up with your local Check Point office.

As for restricting username/password to a specific type of client, I don’t believe you can do that per-se.
Through Access Roles you can definitely control who can go where based on the type of client used.

View solution in original post

7 Replies
PhoneBoy
Admin
Admin

SAML Support for the Android/iOS VPN client is not possible at the moment and would require an RFE.
If you have this requirement, I recommend bringing it up with your local Check Point office.

As for restricting username/password to a specific type of client, I don’t believe you can do that per-se.
Through Access Roles you can definitely control who can go where based on the type of client used.

Eric_Smith
Explorer

As SAML Support for Android / iOS VPN client is not possible at the moment, would it be a fair assumption that the Capsule Connect VPN for Windows 10 also does not support SAML at this time? If not, will that require an RFE also?

0 Kudos
biskit
Advisor

Real shame this doesn't work for Capsule.  I have exactly the same problem...  works a treat for Mobile Access and the Endpoint VPN client on Windows (Azure AD with Microsoft Authenticator), but I have around 70 Capsule (Android) users who need a different auth method 😞

I've asked my local SE to raise an RFE for this.

0 Kudos
lrossi89
Explorer

any news ?

0 Kudos
Chiko_Phiri
Participant

How did it go? I have the same requirement for Android and IOS. 

0 Kudos
lrossi89
Explorer

The support told me that it is not currently supported for Android and iOS

0 Kudos
biskit
Advisor

Thanks for the reminder.  I didn't hear back from my SE so I've just ask for an update.

0 Kudos