- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Hi All,
We are implementing certificate authentication for remote VPN without LDAP and AD. ISE is identity store and we are using ISE`s CA feature.
The authentication is working fine, as auth is going internally in firewall but we also need user groups for policy management.
I wonder is it possible to configre CP to read OU from cert and add users to groups based on OU?
Thanks in advance!
I believe we can only retrieve groups from LDAP.
However, if you're integrating with Cisco ISE, you should be able to use Identity Tags as a group source.
See: https://community.checkpoint.com/t5/Policy-Management/How-to-use-Identity-Awareness-Tags-in-R80-20-M...
I believe we can only retrieve groups from LDAP.
However, if you're integrating with Cisco ISE, you should be able to use Identity Tags as a group source.
See: https://community.checkpoint.com/t5/Policy-Management/How-to-use-Identity-Awareness-Tags-in-R80-20-M...
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY