topic Identity Agent - Distributed Configuration in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Agent-Distributed-Configuration/m-p/60396#M12379 <P>Hi there,<BR /><BR /></P><P>For some reason, my&nbsp; Identity Agent version R80.181.0000 on windows 10 Enterprise and our Domain Controller is running on Windows Server 2016 using&nbsp; SSO settings with Kerberos authentication isn't respecting Identity Server priorities. I configured in Identity Agent a gateway with priority 20 within Distributed List and Server Configuration. And I have configured in our DNS SRV records other gateways with priority 100.</P><P><BR />What should happen is that Identity Agent connects to the priority 20 gateway and if it cannot for some reason connect to the 100 priority firewall however what happens it immediately connects to the 100 priority firewalls.</P><P>Anyone see this situation before?</P> Thu, 15 Aug 2019 14:56:45 GMT FelipeTropeia 2019-08-15T14:56:45Z Identity Agent - Distributed Configuration https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Agent-Distributed-Configuration/m-p/60396#M12379 <P>Hi there,<BR /><BR /></P><P>For some reason, my&nbsp; Identity Agent version R80.181.0000 on windows 10 Enterprise and our Domain Controller is running on Windows Server 2016 using&nbsp; SSO settings with Kerberos authentication isn't respecting Identity Server priorities. I configured in Identity Agent a gateway with priority 20 within Distributed List and Server Configuration. And I have configured in our DNS SRV records other gateways with priority 100.</P><P><BR />What should happen is that Identity Agent connects to the priority 20 gateway and if it cannot for some reason connect to the 100 priority firewall however what happens it immediately connects to the 100 priority firewalls.</P><P>Anyone see this situation before?</P> Thu, 15 Aug 2019 14:56:45 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Agent-Distributed-Configuration/m-p/60396#M12379 FelipeTropeia 2019-08-15T14:56:45Z Re: Identity Agent - Distributed Configuration https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Agent-Distributed-Configuration/m-p/60514#M12380 <P>If I'm understanding&nbsp;sk134312 correctly, this requires R80.20+ gateways.<BR />Is that the case here?</P> Sat, 17 Aug 2019 19:58:51 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Identity-Agent-Distributed-Configuration/m-p/60514#M12380 PhoneBoy 2019-08-17T19:58:51Z