  • 1.  VPN with Checkpoint

    Posted Oct 27, 2023 01:53 PM

    Hello, I was wondering if I could authenticate with certificates with Checkpoint with ClearPass.

    I believe that for that we need to request the certificate for the ClearPass, just like we do for the wireless and wired WPA2 Enterprise, and install that certificate in the ClearPass.

    After that I was thinking of something simple like this, but I'm not sure if the service is correct.

    I have no Checkpoint to try this config.

    Would this service work, or is this more complicated and I need to configure more things?

    On the Checkpoint, I'm aware they need to configure on their Checkpoint that their RADIUS server will be the ClearPass and that they need to configure that it will be with user certificates. But I just want to know if this service is okay or if it's wrong.

    Thanks



  • 2.  RE: VPN with Checkpoint

    Posted Oct 31, 2023 12:13 PM

    Not a Check Point expert, but it depends on what you can configure on the VPN Gateway. If that supports EAP authentication and the client supports EAP-TLS authentication, this may work. You might need to return additional attributes as well to control firewall policies for the user.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: VPN with Checkpoint

    Posted Nov 02, 2023 07:00 AM

    The certificate flow in this case would never leave the CheckPoint. The firewall would be the one terminating the certificate-based authentication. Cisco firewalls have the option of authorize-only, which sends authz requests to ClearPass to apply different parameters based on the information in the various certificate fields. Does CheckPoint have a similar feature?