Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
medtiti92
Participant
Jump to solution

binding ip address with mac address for users

Hi 

i'am using Checkpoint 9100 with R80.20 as SMS. I would like to assign each user IP address with a mac address. That's mean, if i take a IP address of my neighboor i can't access to network or internet 

can we do this in checkpoint ?

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

MAC addresses are not something you can “assign” as they are determined by the hardware the user is using.
We also don’t do any enforcement based on MAC address, therefore no ability to bind a user to a MAC.

View solution in original post

11 Replies
PhoneBoy
Admin
Admin

MAC addresses are not something you can “assign” as they are determined by the hardware the user is using.
We also don’t do any enforcement based on MAC address, therefore no ability to bind a user to a MAC.

the_rock
Legend
Legend

What type of user exactly?

Andy

0 Kudos
medtiti92
Participant

When i said bind ip address with mac address, i mean if the IT department give the ip : 192.168.76.89 to computer_user_1, so i want to bind this ip address with the mac address of the computer computer_user_1.

Some users IP address are able to access some categories of sites, so if someone is absent, some users are able to table their ip address to reach those categories sites ..;

0 Kudos
the_rock
Legend
Legend

The closest thing I can think of would be below.

Andy

Screenshot_1.png

0 Kudos
medtiti92
Participant

@the_rock thanks for your reply, but it's vpn client for the remoter users. What i want is for the local network.

0 Kudos
the_rock
Legend
Legend

As Phoneboy said, thats not sadly possible, sorry.

Andy

0 Kudos
PhoneBoy
Admin
Admin

A Check Point gateway can do this enforcement irrespective of the IP address with Identity Awareness and App Control/URL Filtering.
That assumes the policy is enforced on a Check Point gateway, of course.

0 Kudos
medtiti92
Participant

How can i do that in checkpoint gateway ?

the_rock
Legend
Legend

Maybe access role? Not sure, let @PhoneBoy  confirm.

0 Kudos
PhoneBoy
Admin
Admin

A lot more information about the environment would be necessary to give you specific answers.
In general, though, you need to configure access to the relevant identity sources, create Access Roles, and create the relevant access rules using those Access Roles.
Supported identity sources include:

  • On-premise Active Directory
  • Identity Agents (for individual-use PCs and multi-user systems like Terminal Servers)
  • RADIUS Accounting
  • Identity Web API
  • Remote Access
  • Identity Collector 
  • Captive Portal (supports Kerberos)

More on the above can be found here: https://sc1.checkpoint.com/documents/Identity_Awareness_Clients_Admin_Guide/Content/Topics-IA-Client... 
See also: https://support.checkpoint.com/results/sk/sk86441 

0 Kudos
PhoneBoy
Admin
Admin

See also the podcast I did talking about Identity Awareness Best Practices, the notes for which link to more detailed sessions on the topic: https://community.checkpoint.com/t5/CheckMates-Go-Cyber-Security/S06E08-Identity-Awareness-Best-Prac... 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events