Hello All,
I am doing a CheckPoint Endpoint VPN migration for multiple customers, and we authenticate using SAML SSO. The integration works fine; however, when the user disconnects and attempts to reauthenticate, they get prompted again, although they are authenticating against an SSO portal which works for other vendors. I tried to play around with the tracs.default file and changed embedded to IE, and it seems for some reason the sessions or caches are getting deleted every time the user disconnects. Is that normal behaviour for all identity providers, or is there something I am missing?
An update: I found this from the client guide. Is that the root cause? It has to reinitiate using the Always-Connect feature only; I cannot manually do it according to this? So how can I test that this is working? I guess by setting the authentication timeout to, for example, 2 minutes, then waiting for the reauthentication to do the work without re-prompting the user. Although I am still worried this might not work with SAML. Please, someone correct me if I said something wrong. Thanks.
An update: this did not work. It did reauthenticate me to my IdP, but the session/cache is still cleared, as it asks again for user/password. This behaviour doesn't appear on Mobile Access VPN, as we use the normal browser and SSO happens normally. I wonder if there is something to be done for this endpoint client VPN to work with SSO? Can someone help me please? Thanks
- Dawoud