topic Identity Awareness with Clustered 23500 Error in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-with-Clustered-23500-Error/m-p/91691#M10899 <P>Hello<BR />I have two clustered 23500 appliances.<BR />I have deployed Identity Awareness with Identity agent.<BR />Identity Agent accepting connections from internal nics.<BR />On the DNS server I have created the _tls option and named giris.xxx.edu.tr. I have created a CNAME giris.xxx.edu.tr and used ip adress 10.2.4.4 which is my mgmt ports virtual ip. (10.2.4.5 is FW-1 and 10.2.4.6 is FW-2)<BR />I have created a custom agent and used fw-1's custom agent.msi.<BR />While the active node is FW-1 there is no problem for authentication but when I make FW-1 Passive Node and FW-2 Active Node User can not login. The agent is prompting me for username and password.</P><P>I have a few questions could you please help me about them?</P><P>How do I do deploy configuration for clustered nodes? Is my configuration true? Why FW-2 is not authenticating?</P><P>&nbsp;</P> Thu, 16 Jul 2020 08:02:42 GMT sukruozdemir 2020-07-16T08:02:42Z Identity Awareness with Clustered 23500 Error https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-with-Clustered-23500-Error/m-p/91691#M10899 <P>Hello<BR />I have two clustered 23500 appliances.<BR />I have deployed Identity Awareness with Identity agent.<BR />Identity Agent accepting connections from internal nics.<BR />On the DNS server I have created the _tls option and named giris.xxx.edu.tr. I have created a CNAME giris.xxx.edu.tr and used ip adress 10.2.4.4 which is my mgmt ports virtual ip. (10.2.4.5 is FW-1 and 10.2.4.6 is FW-2)<BR />I have created a custom agent and used fw-1's custom agent.msi.<BR />While the active node is FW-1 there is no problem for authentication but when I make FW-1 Passive Node and FW-2 Active Node User can not login. The agent is prompting me for username and password.</P><P>I have a few questions could you please help me about them?</P><P>How do I do deploy configuration for clustered nodes? Is my configuration true? Why FW-2 is not authenticating?</P><P>&nbsp;</P> Thu, 16 Jul 2020 08:02:42 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-with-Clustered-23500-Error/m-p/91691#M10899 sukruozdemir 2020-07-16T08:02:42Z Re: Identity Awareness with Clustered 23500 Error https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-with-Clustered-23500-Error/m-p/91775#M10900 <P>I hope everything is OK except my Agent.msi.<BR />I have installed a clean Windows 10, installed custom agent on it and deployed again.&nbsp;<BR />It is working perfect now.</P> Fri, 17 Jul 2020 08:45:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-with-Clustered-23500-Error/m-p/91775#M10900 sukruozdemir 2020-07-17T08:45:50Z