https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64352#M12325 <P>Hi All,</P><P>We have enabled Identity Awareness blade yesterday, This has been enabled mainly for the Remote Access VPN users. I am able to fetch the details from AD and created the Access role for the specific group in the AD and provided ANY access for that particular group. But it doesn't seem to be working. User able to connect to Remote Access(Ex: User Bob logs in to RA i can see the identity awareness blade shows the login and logout details but the problem is it is not hitting the Any rule configured. So the users are not able to have complete access which they required. Please let me know how to proceed further on this.</P><P>&nbsp;</P><P>Below are the details:</P><P>GW: R77.30 Take 225</P><P>MDS: R80.10 Take 121</P><P>&nbsp;</P><P>Let me know if you need anymore details on this.</P><P>Thank you in advance.</P><P>&nbsp;</P> Fri, 04 Oct 2019 09:23:24 GMT Sanjay_S 2019-10-04T09:23:24Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64352#M12325 <P>Hi All,</P><P>We have enabled Identity Awareness blade yesterday, This has been enabled mainly for the Remote Access VPN users. I am able to fetch the details from AD and created the Access role for the specific group in the AD and provided ANY access for that particular group. But it doesn't seem to be working. User able to connect to Remote Access(Ex: User Bob logs in to RA i can see the identity awareness blade shows the login and logout details but the problem is it is not hitting the Any rule configured. So the users are not able to have complete access which they required. Please let me know how to proceed further on this.</P><P>&nbsp;</P><P>Below are the details:</P><P>GW: R77.30 Take 225</P><P>MDS: R80.10 Take 121</P><P>&nbsp;</P><P>Let me know if you need anymore details on this.</P><P>Thank you in advance.</P><P>&nbsp;</P> Fri, 04 Oct 2019 09:23:24 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64352#M12325 Sanjay_S 2019-10-04T09:23:24Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64366#M12326 <P>Hello,</P><P>First of all make sure that Identity Awareness blade is active on your firewall.</P><P>Please look into the logs and see which rule is hitting that access. You can also use packet mode to test your policy:&nbsp;<A href="https://community.checkpoint.com/t5/Policy-Management/Packet-Mode-a-new-way-of-searching-through-your-security-policy/td-p/3810" target="_self">Packet mode</A>&nbsp;</P><P>___</P><P>&nbsp;</P> Fri, 04 Oct 2019 12:49:49 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64366#M12326 FedericoMeiners 2019-10-04T12:49:49Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64881#M12327 <P>Hello,</P><P>Based on the information you have provided, I would try to identify the firewall rule that does match the interesting traffic. You could achieve that by doing either of the following:</P><P>- Consult the logs on the manager</P><P>- Run fw ctl zdebug | grep &lt;ip address of the remote acess user you test with&gt; on the gateway and see what policy is dropping the traffic</P><P>Failing the above, you can place the Identity Awareness firewall rule right at the top of the rule base just for testing purposes and try again.</P><P>Once you have done the above, please share with us your findings along with the error encountered on the client side if any.</P><P>I hope this helps.</P> Sat, 12 Oct 2019 17:41:24 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64881#M12327 Nick_Doropoulos 2019-10-12T17:41:24Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64900#M12328 Could it be that you have a desktop policy that does not allow the traffic, in other words is the traffic reaching the gateway at all? Sun, 13 Oct 2019 17:29:47 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/64900#M12328 Maarten_Sjouw 2019-10-13T17:29:47Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/66356#M12329 <P>Hi All,</P><P>We found the issue, we should have communication from our jump server from where we manage the smart console to the customer AD. After getting the access allowed from Jump server to customer AD on all High Ports the IA blade started working as expected. Thank you all for looking into it and suggesting.</P> Thu, 31 Oct 2019 14:30:51 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Awareness-for-Remote-Access-Users/m-p/66356#M12329 Sanjay_S 2019-10-31T14:30:51Z