cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Doeschi
Nickel

Identity Collector on R80.20 Mgmt & R77.30 GW

Jump to solution

Hi all,

I'm failing while trying to configure the identity collector using a R80.20 EA Mgmt and R77.30 Gateways with JHF317. As soon as I'm changing the product version of the gateway to R77.30 in SmartDashboard, the possibility to configure the IDC in the Identity Awareness Section of the cluster config is gone... but is back, as soon as I change the product version to R80.10. In the documents, it's written that R77.30 gateways from JHF308++ are supported to use with IDC.

Has anyone been able to do that? Am I doing something wrong? 🙂

Regards

Roger

1 Solution

Accepted Solutions

Re: Identity Collector on R80.20 Mgmt & R77.30 GW

Jump to solution

In R77.30 and lower version, I believe you should configure the collector as Terminal server. Please check this sk

Identity Collector fails to connect / add / edit a Security Gateway 

I think what they mean by support, might some code enhancement in the pdpd daemon which communicate with the identity sources like IDC. The new IDC supports other things like parsing syslog messages and extract identities from it. I believe pdpd should know about the new capabilities of the collector. you will not see the change in the gui.

Thanks

4 Replies

Re: Identity Collector on R80.20 Mgmt & R77.30 GW

Jump to solution

In R77.30 and lower version, I believe you should configure the collector as Terminal server. Please check this sk

Identity Collector fails to connect / add / edit a Security Gateway 

I think what they mean by support, might some code enhancement in the pdpd daemon which communicate with the identity sources like IDC. The new IDC supports other things like parsing syslog messages and extract identities from it. I believe pdpd should know about the new capabilities of the collector. you will not see the change in the gui.

Thanks

Re: Identity Collector on R80.20 Mgmt & R77.30 GW

Jump to solution

That's absolutely correct answer - use Terminal server and it works like a charm. Just remember to tick the box for pre R80.10 gateway in IDC

0 Kudos
Doeschi
Nickel

Re: Identity Collector on R80.20 Mgmt & R77.30 GW

Jump to solution

Thanks for your answer, you're right. I found the same solution deep in some documentation shortly after I posted this question and set it up like this. Unfortunaly, I can't say if it's finally working because I had to request a valid certificate for the gateway first and I'm waiting for that. But lets be optimistic 🙂

0 Kudos
Highlighted

Re: Identity Collector on R80.20 Mgmt & R77.30 GW

Jump to solution

It should work with the self signed certificate. when you establish the connectivity from the IDC to the gateway you must accept the finger prints of the cert.