This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jennyado
Advisor
‎2025-12-05 07:35 AM
Jump to solution

Embedded Browser not supported error during SAML authentication with Azure (Remote Access VPN)

Hi,

We are experiencing an issue with Remote Access VPN authentication using SAML against Microsoft Entra ID (Azure AD).

When users try to authenticate, the embedded browser used by the Check Point Endpoint client displays the following error :

 

update your browser.png

imagen.jpg

Important details:

  • The affected users do have Microsoft Edge up to date on their machines.

  • The error only appears inside the Check Point Endpoint embedded browser, not in the regular system browsers.

  • Environment:

    • OS: Windows (users affected)

    • Authentication: SAML with Microsoft Entra ID

    • Client: Check Point Endpoint Security (Remote Access VPN)

Our main questions are:

  1. What browser engine does the Check Point embedded browser actually use on Windows?
    Is it based on IE, Edge WebView2 / Chromium, or something else?

  2. Is Microsoft Edge WebView2 a strict requirement for the embedded browser to work correctly with modern Azure authentication?

At this point, everything works fine if authentication is performed using a full external browser, but fails with the embedded one.

Any guidance, official references, or similar experiences would be greatly appreciated.

Thank you in advance.

2 Solutions

Accepted Solutions
the_rock
MVP Diamond
MVP Diamond
‎2025-12-05 08:52 AM
In response to the_rock
Jump to solution

@jennyado 

Could not find the post, but see if below helps.

https://support.checkpoint.com/results/sk/sk180395

Best,
Andy
"Have a great day and if its not, change it"

View solution in original post

0 Kudos
PhoneBoy
Admin
Admin
‎2025-12-05 01:07 PM
Jump to solution

The embedded browser on Windows is an embedded variant of Internet Explorer.
Which means you should use an external browser for this, and, in fact, default_browser is the default from E88.40.
See: https://support.checkpoint.com/results/sk/sk180395 

View solution in original post

6 Replies
the_rock
MVP Diamond
MVP Diamond
‎2025-12-05 08:50 AM
Jump to solution

Hey Jenn,

Im fairly positive I had seen another post while back where someone mentioned embedded browser is not supported. Let me see if I can find it.

Best,
Andy
"Have a great day and if its not, change it"
the_rock
MVP Diamond
MVP Diamond
‎2025-12-05 08:52 AM
In response to the_rock
Jump to solution

@jennyado 

Could not find the post, but see if below helps.

https://support.checkpoint.com/results/sk/sk180395

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
jennyado
Advisor
‎2025-12-05 09:00 AM
In response to the_rock
Jump to solution

Thank you.

We configured idp_browser_mode to be embedded, but my question is whether, when this configuration is applied, the Endpoint Security agent uses an application to display the login screen within the agent itself, or if it uses a function of the browser that the user has installed on their PC.

the_rock
MVP Diamond
MVP Diamond
‎2025-12-05 09:03 AM
In response to jennyado
Jump to solution

Im fairly certain its within agent itself.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
PhoneBoy
Admin
Admin
‎2025-12-05 01:07 PM
Jump to solution

The embedded browser on Windows is an embedded variant of Internet Explorer.
Which means you should use an external browser for this, and, in fact, default_browser is the default from E88.40.
See: https://support.checkpoint.com/results/sk/sk180395 

the_rock
MVP Diamond
MVP Diamond
‎2025-12-05 02:40 PM
In response to PhoneBoy
Jump to solution

Ok, so it is same sk I was thinking of.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events