- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hello,
We have a cluster of 6400 firewalls. Client based Remote access VPN is enabled for our remote users.
In the beginning, all our users belonged in one domain (on premise AD, not Azure AD). So we configured rules properly (access roles based on OUs in AD, LDAP Groups, etc) for our remote access users.
However we want users from another domain to participate in the remote access VPN configuration. We created all the previous (access roles based on OUs in the other AD, LDAP Groups, etc) but when we try to enter credentials from the 2nd domain we receive the error "Negotiation with site failed".
Regards,
Ioannis
Do you have multiple LDAP account units configured and what username format are the users attempting to authenticate with?
We have configured two LDAP account units. The username format is the user logon name in the AD. This works for users located in one of the LDAP account units but not working for the other one.
Usually, that error negotiation with site failed would refer to IP or fqdn not responding from user's machine. Can you have them try with IP address instead of fqdn and see if same problem is there? Also, check the logs in smart console when they try connetc, it should give some clues.
Andy
Did you already try the configuration according to these screenshots to include all LDAP directories?
Now, show User Directories please
It looks like your GW is failing to authenticate the user, check VPN logs on the GW side.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 3 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY