- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hey community,
we have set up SAML-authentication to azure for our remote clients on our Cluster-XL (R81.10). We wanted to enable single-sign-on, so when the windows-credentials are inserted on windows login mask, the endpoint security client starts and connects with the credentials on the azure active-directory before windows-login runns through.
So far it works, till the client wants to connect. In the status bar the connection continues till "Connecting to site" then after some minutes we get the error "Negotiation with site failed".
On our other client we noticed, that the client connects not until windows login is ready and desktop is shown. Than the client opens itself and the SAML-login runs through correctly.
We found a difference in proxy-configuration on both clients. We use a proxy-skript, that lies on a webserver that is only accessible when vpn-tunnel is running. On the Endpoint Connect Client, we use the "No Proxy"-Setting. On both clients "auto-connect" for the site is enabled and SDL is enabled too.
Is there a "best-practise" for proxy-configuration when using SAML-authentication or can you give us tipps how you use proxy-scripts on SAML-authentication?
Thanks so far and best regards
What you're attempting to do is currently not supported.
Specifically, SDL and SAML are not supported together.
Is there an alternative to SDL when using SAML? I tried machine tunnel before logon but that gets shutdown as soon as you enter your credentials to login to Windows. Without SDL, several things fail (drive mappings, etc) right after login because of the lag before the VPN client starts.
Yes, this is expected behavior: the machine tunnel shuts down after the user logs in so the user-specific tunnel can be brought up.
There is a customer release that offers support for SDL with SAML.
If you have an urgent need for this functionality, please consult with your local Check Point office.
I expect this to be added to mainstream releases in the future (though do not have a timeline for this).
Is there any way to improve the end-user experience for Remote VPN w/SAML? I tried the RFE process to get the customer release that support SDL with SAML to no avail. This has been talked about for quite some time and I can't believe that CP still has not released a solution to make SAML auth VPN a viable solution.
Did you contact your local office as instructed?
They should be able to contact our Solution Center internally to obtain this release.
Note it is tied to a specific version/JHF level.
Yes, they sent me the RFE link and I sent them the Feedback Reference # after I submitted the RFE (3 months ago now). Crickets since then.
That process does not involve Solution Center.
In any case, I will contact your account team on the backend to ensure this is handled correctly.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Thu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealThu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASETue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeThu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY