This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ob1lan
Collaborator
‎2022-02-08 01:23 AM
Jump to solution

SAML Authentication for smartphones client

Hi,

We successfully enable SAML authentication with Okta for our Windows and MacOS clients. This is working great, and allow us to have MFA for our Remote Access users.

However, it appears some of our users also connect to our network using their smartphones (Android & iOS) and Capsule app. Is there a way we could provide SAML authentication to those devices ? 

If that's not (yet) possible, can we lock Windows & MacOS clients to the authentication option using SAML, and restrict the use of 'username/password' only to Capsule clients ?

Thanks in advance.

Regards.

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2022-02-08 03:26 PM
Jump to solution

SAML Support for the Android/iOS VPN client is not possible at the moment and would require an RFE.
If you have this requirement, I recommend bringing it up with your local Check Point office.

As for restricting username/password to a specific type of client, I don’t believe you can do that per-se.
Through Access Roles you can definitely control who can go where based on the type of client used.

View solution in original post

7 Replies
PhoneBoy
Admin
Admin
‎2022-02-08 03:26 PM
Jump to solution

SAML Support for the Android/iOS VPN client is not possible at the moment and would require an RFE.
If you have this requirement, I recommend bringing it up with your local Check Point office.

As for restricting username/password to a specific type of client, I don’t believe you can do that per-se.
Through Access Roles you can definitely control who can go where based on the type of client used.

Eric_Smith
Participant
‎2022-02-09 02:28 PM
In response to PhoneBoy
Jump to solution

As SAML Support for Android / iOS VPN client is not possible at the moment, would it be a fair assumption that the Capsule Connect VPN for Windows 10 also does not support SAML at this time? If not, will that require an RFE also?

0 Kudos
biskit
Advisor
Advisor
‎2022-03-20 06:51 AM
Jump to solution

Real shame this doesn't work for Capsule.  I have exactly the same problem...  works a treat for Mobile Access and the Endpoint VPN client on Windows (Azure AD with Microsoft Authenticator), but I have around 70 Capsule (Android) users who need a different auth method 😞

I've asked my local SE to raise an RFE for this.

0 Kudos
lrossi89
Contributor
‎2022-09-07 03:13 AM
In response to biskit
Jump to solution

any news ?

0 Kudos
Chiko_Phiri
Participant
‎2022-10-03 12:04 AM
In response to biskit
Jump to solution

How did it go? I have the same requirement for Android and IOS. 

0 Kudos
lrossi89
Contributor
‎2022-10-03 12:09 AM
In response to Chiko_Phiri
Jump to solution

The support told me that it is not currently supported for Android and iOS

0 Kudos
biskit
Advisor
Advisor
‎2022-10-03 12:20 AM
In response to Chiko_Phiri
Jump to solution

Thanks for the reminder.  I didn't hear back from my SE so I've just ask for an update.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events