Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Contributor

Kerberos Authentication in Checkpoint cloudguard R80.10

Jump to solution

Hi Checkmates,

Dameon Welch-Abernathy

Currently we have local users for all the checkpoint GAiA and SmartConsole but we are planning to move it to a remote authentication servers. we already have Microsoft Azure AD domain services but looks this is not supported in checkpoint cloudguard R80.10

we also have Kerberos Authentication which I am not sure if that is supported in my version. Can you help me know this? 

Many thanks in advance

Omin

0 Kudos
Reply
1 Solution

Accepted Solutions
4 Replies
Admin
Admin

For SmartConsole, you cannot do AD authentication directly, but you can indirectly with RADIUS.

Not sure how much of this applies to Azure AD, but: https://community.checkpoint.com/message/28853-re-active-directory-smart-console-administrator 

0 Kudos
Reply
Contributor

It means we only have one option that is RADIUS. NO Keberos, NO SAML, NO AD, NO TACACS, NO TACACS+ for SmartConsole.

And only RADIUS and TACACS+ for gateways. Am i right?

0 Kudos
Reply
Employee
Employee

Hi Omin,

First of all, we do support TACACS authentication. You can find the documentation in the admin guide.

Regarding AD authentication, we have developed a solution that is currently offered in a limited availability due to some limitations that might apply to some of the customers.

In order to get this solution you can approach Check Point solution center. We recommend waiting for R80.30 but in case you need it on top of R80.20 we can also consider it.

Regarding Azure, we will need to evaluate it based on information about the topology and configuration, the best way to handle it would be submitting an RFE.

Thanks

Yaelle  Harel |  Group Manager

Check Point Software Technologies | Management Product