Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
casgrain
Participant

Remove Access VPN: Gateway presenting wrong certificate?

Hi,

I've noticed our gateways are presenting the web certificate configured for platform portal/usercheck/saml portal instead of the one under IPSEC VPN. 

Am I missing something? From my understanding this is not the expected behavior. I've attached some screenshot in hope it'll help understand my context. 

We on R81.10 with hotfix take 81. All clients are version E84 or above. 


6 Replies
the_rock
Legend
Legend

That does not appear right. Let me check it in cusomer's environment and will update you.

0 Kudos
the_rock
Legend
Legend

Question...did you actually end up removing defaultCert that was there? I ask because you can NOT change nickname of a cert, unless new one is created. By the way, checked for another client and they have default cert there and works fine, I deleted their VPN site and created it again and get proper fingerprint. They also use another cert for web UI which is also presented correctly.

0 Kudos
casgrain
Participant

Yes it was changed a while back, on R77.30 some 4-5 years ago when it expired to what you currently see. I did renew that same cert a few weeks ago since they expired. 

Checkpoint support have seen this setting multiple times without mentioning this would be problem so I'm a bit confused... 

the_rock
Legend
Legend

Dont believe its an issue per se, but was more curious.

0 Kudos
casgrain
Participant

I have the same issue on same version. Any ideas how to resolve this? 

0 Kudos
the_rock
Legend
Legend

Whats gw, client version?

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events