This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Laurence_Curlin
Explorer
‎2021-04-20 09:39 AM
Jump to solution

Radius Authentication on VMSS

Hi

 

I have an issue where I am trying to configure Radius auth to the firewalls that will be replicated during a scale out event, is this possible ? 

I have considered the possibility of simply adding the clish commands to the autoprov script could this work? any help will be greatly appreciated.

 

Thank you in advance, 

0 Kudos
1 Solution

Accepted Solutions
AyGit
Contributor
‎2021-04-20 04:30 PM
Jump to solution

Hi,

Try this:

  1. create a script in the SMS --> vi $FWDIR/conf/autoscaling-new-instance.sh
  2. add the line below in the shell script:

    #! /bin/bash
    clish -c 'add aaa radius servers priority 1 host <@IP> port 1812 secret timout 30'
    clish -c 'add aaa radius servers default-shell /bin/bash'
    clish -c 'add aaa radius servers super-user-uid 0'

  3. Assign the execute permission to the shell script --> chmod u+x $FWDIR/conf/autoscaling-new-instance.sh
  4. Configure CME and set the relevant template to use this script --> autoprov_cfg set template –tn <CONFIGURATION-TEMPLATE-NAME> –cg $FWDIR/conf/autoscaling-new-instance.sh

You can add other command in the script for automation purpose.

Regards

View solution in original post

(1)
2 Replies
AyGit
Contributor
‎2021-04-20 04:30 PM
Jump to solution

Hi,

Try this:

  1. create a script in the SMS --> vi $FWDIR/conf/autoscaling-new-instance.sh
  2. add the line below in the shell script:

    #! /bin/bash
    clish -c 'add aaa radius servers priority 1 host <@IP> port 1812 secret timout 30'
    clish -c 'add aaa radius servers default-shell /bin/bash'
    clish -c 'add aaa radius servers super-user-uid 0'

  3. Assign the execute permission to the shell script --> chmod u+x $FWDIR/conf/autoscaling-new-instance.sh
  4. Configure CME and set the relevant template to use this script --> autoprov_cfg set template –tn <CONFIGURATION-TEMPLATE-NAME> –cg $FWDIR/conf/autoscaling-new-instance.sh

You can add other command in the script for automation purpose.

Regards

(1)
Laurence_Curlin
Explorer
‎2021-04-20 11:06 PM
In response to AyGit
Jump to solution

Absolutely awesome, thank you very much for that information, I have been searching for ages for clear concise instructions like that.

Labels