Check Point Remote Access Clients
Is Check Point IPSec-VPN Windows Client supported by RSA SecurID integration?
We have contacted RSA Support to validate this but can't seem to have a definite answer as they are relying/referencing only on the available documentation for Check Point (Check Point Remote Access Client - RSA SecurID Access Implementation Guide) which is SSL-VPN in RSA Ready list.
Appreciate the community response. Thank you!
- Community Thread
- Forum Thread
- RSA SecurID
- RSA SecurID Access
- RSA SecurID Integration
I have spent some hours integrating RSA CAS with a Checkpoint VPN, and have found some interesting conclusions, please see below.
According to the integration manual, you need to configure settings under "VPN Clients -> Authentication". But in some cases this is not available in the Smartconsole GUI, you need to first enable IPSec under "General Properties -> IPSec VPN"
In addition, for the Windows VPN client to work, it is necessary to enable "Ask user for password (will be used automatically answer the first)" under "VPN Clients -> Authentication" Settings button, otherwise the negotiation for the 2nd factor selection will fail, and you can only use the last valid factor for the user (either tokencode, push, biometrics, ...).
I think these points need to be included in the manual.
Hi Nicanor Pulido - thanks very much for the feedback. Can you provide the Checkpoint version you are using?
Once I have that I can make sure your information is seen by our RSA Ready/Partner Engineering team.