This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
wjong
Explorer
‎2025-02-17 10:46 PM
Jump to solution

How to Configure Check Point Endpoint Security E88.60 Remote Access VPN to Use Azure AD or CA?

Hello,

I am currently using Check Point Endpoint Security E88.60 for Remote Access VPN, but whenever I try to connect, I'm always prompted to enter my username and password.

I would like to configure the VPN client to authenticate users using either Azure AD or Certificate Authentication (CA) instead of the standard username/password method.

Could anyone guide me on how to set this up? Specifically:

  • How do I integrate Azure AD for authentication, or
  • How can I configure Certificate-based Authentication (CA) for VPN access?

Any guidance or step-by-step instructions would be greatly appreciated!

Thank you in advance!

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2025-02-19 07:54 AM
In response to wjong
Jump to solution

Those options are only available if you are managing your SMB with a Smart-1 appliance.
Otherwise, you are limited to passwords or, upon upgrading your firmware to R81.10.15, you can also leverage Azure/Entra ID.

View solution in original post

7 Replies
PhoneBoy
Admin
Admin
‎2025-02-18 01:23 PM
Jump to solution

Both options are supported.
Refer to the relevant product documentation linked below.

0 Kudos
wjong
Explorer
‎2025-02-18 04:44 PM
In response to PhoneBoy
Jump to solution

My apologies as I did not mention that I'm using Quantum Spark 1575 appliance as the firewall and Remote Access VPN. Not R81.20

0 Kudos
PhoneBoy
Admin
Admin
‎2025-02-18 04:51 PM
In response to wjong
Jump to solution

I don't believe you can do certificates from a locally managed SMB appliance.
However, SAML support for locally managed SMB appliances is supported from R81.10.15: https://sc1.checkpoint.com/documents/SMB_R81.10.X/CLI/EN/Content/Topics/Configuring-SAML-Identity-Pr... 

0 Kudos
wjong
Explorer
‎2025-02-18 05:13 PM
In response to PhoneBoy
Jump to solution

I'm rather new to this appliance.

Model
1575 Appliance
Version
R81.10.10 (996002993)
 
As the version is currently as of above,
are there any other methods which can be used to authenticate without typing Username and Password? (Refer to attached image)
Preview file
57 KB
0 Kudos
PhoneBoy
Admin
Admin
‎2025-02-19 07:54 AM
In response to wjong
Jump to solution

Those options are only available if you are managing your SMB with a Smart-1 appliance.
Otherwise, you are limited to passwords or, upon upgrading your firmware to R81.10.15, you can also leverage Azure/Entra ID.

wjong
Explorer
‎2025-02-20 09:28 PM
In response to PhoneBoy
Jump to solution

Thks for the suggestion. We are planning to upgrade the firmware to R81.10.15, so that we are able to leverage Azure/Entra ID.

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2025-02-20 12:34 AM
In response to wjong
Jump to solution

Best you use 2FA together with UN / PW

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events