Support Center > Search Results > SecureKnowledge Details
When using an ActiveSync app on an iOS connected to R76 / R77 Security Gateway, multiple sessions could be established for each user Technical Level
  • When using an ActiveSync app on an Android phone or an iPhone, multiple sessions could be established for each user.

  • Check Point Mobile clients take more than one seat per license count on Security Gateway.

  • Output of 'listusers' command shows the same user and user's IP address several times.

  • $CVPNDIR/log/cvpnd.elg (under debug) shows a mismatch between login name and the DN on the certificate:
    [SESSION] [CVPN_WARNING] Cvpn::SessionManager::isSessionValidForCreds: Username mismatch: current username: 'UserName', username stored on session: 'FirstName LastName'
    [SESSION] [CVPN_WARNING] Cvpn::SessionManager::getSessionByDeviceID: sessionID (...) not valid for creds gived by user (UserName)
  • Affected versions: Mobile Access Security Gateways R76, R77.
    For R75.X, refer to sk68120.

The problem is with the ActiveSync feature - not with Check Point Mobile.

Phone certificate differs from user login name, so every time ActiveSync is initiated, a new authentication session is created.

User CN (and the fullname attribute from the LDAP) is the person's full name, whereas in Check Point, the CN is only the username.

Note: To view this solution you need to Sign In .