Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ihenock1011
Advisor

Identity Awareness Sk113021

Hi All,

We have Check Point R81.10 security gateways with Identity Awareness configured. We installed the agent on a separate server to fetch logs from the Active Directory, displaying machine names and source usernames accurately. However, on one of the security gateways, it shows 'failed' and refers to SK113021. I attempted to address this issue following the guidance in the document, but it did not resolve the problem. Please any help

Thanks

0 Kudos
7 Replies
AkosBakos
Leader Leader
Leader

Hi,

  • Do you mean that, when you want to link (SIC) the gateway to the IA Collector? 
  • The IA collectos is the latest version?
  • That interface whicf in use for this connection is a Cluster interface?

Akos

----------------
\m/_(>_<)_\m/
0 Kudos
Ihenock1011
Advisor

  • Do you mean that, when you want to link (SIC) the gateway to the IA Collector? 
  • Yes when I add the gateway on the IA Collector
  • The IA collectors is the latest version?
  • Yea downloaded from the SMS and working fine for the other gateways
  • That interface which in use for this connection is a Cluster interface?
  • not the cluster the private IP of the VS
0 Kudos
AkosBakos
Leader Leader
Leader

Hi,

Are we talking about a VS on a VSX cluster? 

If yes, the IA is communicating on one of the interfaces of the VS. Can the VS reach the IA colletctor somehow. The ping, telnet of 443 works?

Akos

 

----------------
\m/_(>_<)_\m/
0 Kudos
Ihenock1011
Advisor

Yes VS in vsx member the other two VS are okay only one of the vs has an issue. Connectivity is okay

0 Kudos
the_rock
Legend
Legend

If you run a capture from say one that works and one that does not to the IC ip address, what do you see as far as difference?

Andy

the_rock
Legend
Legend

Hey bro,

How you been? Can you please send a screenshot of it? Just blur out any sensitive data.

Andy

0 Kudos
the_rock
Legend
Legend

Interestingly enough, I just did some testing in the lab and realized 2 of my gateways were complaining about shared secret, though absolutely nothing was changed. When I rebooted machine where IC is installed, all worked fine.

Have you tried that?

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events