This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nflnetwork29
Advisor
‎2023-05-11 11:29 AM
Jump to solution

remote access vpn embedded browser how to clear cache

When using the Check Point VPN client W/ Identify provider (Azure / SAML) - By default, the Windows client uses its embedded browser.

 

I am having a quirky issue where the Edge browser is using cached/saved credentials (save username) to connect.

 

I see nowhere to clear this and enter a different username other than what is cached. 

 

 

Has anyone come across this?

 

 

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2023-05-12 11:28 AM
In response to nflnetwork29
Jump to solution

@AndreiR can you confirm with the SK team that SK180395 can now be made public?
The TL;DR of it is to change idp_browser_mode in trac.defaults from embedded to default_browser.
trac.defaults can be found on the client in:

  • 64-bit Windows: %ProgramFiles(x86)%\CheckPoint\Endpoint Connect\trac.defaults
  • macOS: /Library/Application Support/Checkpoint/Endpoint Security/Endpoint Connect/Trac.defaults

The Endpoint service will then need to be restarted as follows:

  • Windows (as admin)
    • net stop TracSrvWrapper
    • net start TracSrvWrapper
  • macOS:
    • sudo launchctl stop com.checkpoint.epc.service
    • sudo launchctl start com.checkpoint.epc.service

View solution in original post

11 Replies
the_rock
Legend
Legend
‎2023-05-11 11:36 AM
Jump to solution

Maybe this?

Screenshot_1.png

0 Kudos
nflnetwork29
Advisor
‎2023-05-11 11:41 AM
In response to the_rock
Jump to solution

no dice. 

 

is there any way to force the browser to open in "incognito" mode?

0 Kudos
PhoneBoy
Admin
Admin
‎2023-05-11 12:37 PM
Jump to solution

In E87.30 and above, we support using the default browser for the client OS for SAML authentication.
See: https://support.checkpoint.com/results/sk/sk180395 

0 Kudos
nflnetwork29
Advisor
‎2023-05-11 12:54 PM
In response to PhoneBoy
Jump to solution

yeah, i saw that however it gives me no option to enter a username and password.  

 

it signs me in automatically with my email id .

 

(I am testing another vpn setup for a different environment) so i have a conflict. If i could clear the cache somehow or force it to prompt for credentials i think it would work. 

 

 

2023-05-11_14-56-23.jpg

0 Kudos
the_rock
Legend
Legend
‎2023-05-11 12:56 PM
In response to nflnetwork29
Jump to solution

Are you saying that even in incognite mode makes no difference?

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2023-05-11 01:06 PM
In response to nflnetwork29
Jump to solution

If you're actually using this option, it would show not in the "embedded browser" but in the default browser configured in the OS.
There, you should be able to clear the necessary cookies.

Not sure how to clear cookies in the Embedded browser.

0 Kudos
AndreiR
Employee Alumnus
Employee Alumnus
‎2023-05-12 05:59 AM
In response to PhoneBoy
Jump to solution

Hi,

There is no option in VPN client to clear cookies in the Embedded Browser. But taking into account that Embedded Browser is based on Internet Explorer, you may try run IE and clear its cookies.

For the future, it is better to default system browser.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-05-12 11:28 AM
In response to nflnetwork29
Jump to solution

@AndreiR can you confirm with the SK team that SK180395 can now be made public?
The TL;DR of it is to change idp_browser_mode in trac.defaults from embedded to default_browser.
trac.defaults can be found on the client in:

  • 64-bit Windows: %ProgramFiles(x86)%\CheckPoint\Endpoint Connect\trac.defaults
  • macOS: /Library/Application Support/Checkpoint/Endpoint Security/Endpoint Connect/Trac.defaults

The Endpoint service will then need to be restarted as follows:

  • Windows (as admin)
    • net stop TracSrvWrapper
    • net start TracSrvWrapper
  • macOS:
    • sudo launchctl stop com.checkpoint.epc.service
    • sudo launchctl start com.checkpoint.epc.service
AndreiR
Employee Alumnus
Employee Alumnus
‎2023-05-13 02:18 AM
In response to PhoneBoy
Jump to solution

Hi @PhoneBoy ,

Thanks for this hint. I've submitted update to sk180395. It will be published soon.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top