This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hrvoje_Brlek
Collaborator
‎2020-12-08 01:04 AM

TPM - pin cache

Hi,

We are using certificate authentication for our remote VPN users, and everything works fine. Certficates are stored on a smart card, and ActivClient is used as a middleware for the certificates. We use those certificates to logon into the Windows machines also, and have the VPN Always-on function enabled, so after booting up and logging in, the VPN is automatically started and connected. The PIN used for the smart card is automatically passed for the VPN authentication from Windows logon, we have enabled it through a registry setting for the ActivClient PIN caching (EnablePINCacheForPINAlwaysPrivateKeys).

As we also have TPM (Trusted Platfom Module) on Windows, we would like to use the same function of PIN caching as we have for the smart cards. With TPM, after logging in into Windows, another pop-up shows asking for the same PIN again for the client VPN authentication. Does anybody know if this is possible to overcome, to have the PIN cached for the TPM? So the VPN client would automatically connect without the user knowing. I know this is not strictly a Check Point thing, but maybe someone could help, or had the same situation.

Thanks!

0 Kudos
0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events