This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
PhoneBoy
Admin
Admin
‎2021-04-28 05:04 PM
Jump to solution

SAML Support for Remote Access VPN

This question has come up a lot on the community.
We now have a formally supported solution that allows integration with ADFS and other SAML-based authentication.
This requires Check Point gateways running (at minimum) the following releases:

  • R80.40 JHF 114 or above (not supported with Maestro)
  • R81 JHF 42 or above (not supported with Maestro)
  • R81.10 JHF 9 or above (not supported with Maestro)
  • R81.20 (supported with Maestro) and above

The following VPN clients are supported (minimum versions listed):

  • E84.70 on Windows
  • E85.30 on macOS
  • Capsule VPN clients (see sk181494), which requires the following gateway versions:
    • R81.10 JHF 43 and above
    • R81.20 JHF 113 and above 

This solution is NOT currently supported with:

  • Capsule Workspace
  • Embedded Gaia/SMB Gasteways

If such support is needed, please open an RFE with your local Check Point office.

You can see the details in the R81.20 Remote Access VPN guide under SAML Support for Remote Access VPN and/or sk172909.

See also this video by @Peter_Elmer 

(Last edited April 2024)

125 Replies
PhoneBoy
Admin
Admin
‎2023-03-20 09:19 AM
In response to CheckPointerXL
Jump to solution

As far as I know, it is still required.
Your best bet is to confirm with the TAC.

0 Kudos
faridb
Employee
Employee
‎2024-01-08 06:51 AM
In response to PhoneBoy
Jump to solution

hello , 

i know it's an old thread but i need a recommendation on how to implement SAML with ADFS ( not Azure AD ) so an on prem server ?

is this the same setup ?

 

Regards,

0 Kudos
PhoneBoy
Admin
Admin
‎2024-01-08 03:33 PM
In response to faridb
Jump to solution

I assume there are some differences between Azure AD and ADFS.
However, the configuration on the Check Point end should be similar as SAML is fairly generic.

0 Kudos
SenpaiNoticed_U
Employee
Employee
a week ago
Jump to solution

SMB appliances now support SAML as of R81.10.15 firmware 
sk182438

fabionfsc
Contributor
a week ago
In response to SenpaiNoticed_U
Jump to solution

I updated to version R81.10.15 and confirmed that it now really works, but recently, I rebooted my Quantum Spark and the Azure login screen just keeps loading (a blank screen), I'm going to do a new reboot to test, since recreating the entire authentication method didn't work.

0 Kudos
fabionfsc
Contributor
a week ago
In response to SenpaiNoticed_U
Jump to solution

Rebooted and now its fine.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events