This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
medtiti92
Participant
‎2024-12-24 12:46 AM
Jump to solution

binding ip address with mac address for users

Hi 

i'am using Checkpoint 9100 with R80.20 as SMS. I would like to assign each user IP address with a mac address. That's mean, if i take a IP address of my neighboor i can't access to network or internet 

can we do this in checkpoint ?

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-12-24 05:58 AM
Jump to solution

MAC addresses are not something you can “assign” as they are determined by the hardware the user is using.
We also don’t do any enforcement based on MAC address, therefore no ability to bind a user to a MAC.

View solution in original post

12 Replies
PhoneBoy
Admin
Admin
‎2024-12-24 05:58 AM
Jump to solution

MAC addresses are not something you can “assign” as they are determined by the hardware the user is using.
We also don’t do any enforcement based on MAC address, therefore no ability to bind a user to a MAC.

the_rock
MVP Diamond
MVP Diamond
‎2024-12-24 06:22 AM
Jump to solution

What type of user exactly?

Andy

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
medtiti92
Participant
‎2024-12-24 07:00 AM
In response to the_rock
Jump to solution

When i said bind ip address with mac address, i mean if the IT department give the ip : 192.168.76.89 to computer_user_1, so i want to bind this ip address with the mac address of the computer computer_user_1.

Some users IP address are able to access some categories of sites, so if someone is absent, some users are able to table their ip address to reach those categories sites ..;

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2024-12-24 07:06 AM
In response to medtiti92
Jump to solution

The closest thing I can think of would be below.

Andy

Screenshot_1.png

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
medtiti92
Participant
‎2024-12-24 07:26 AM
In response to the_rock
Jump to solution

@the_rock thanks for your reply, but it's vpn client for the remoter users. What i want is for the local network.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2024-12-24 07:29 AM
In response to medtiti92
Jump to solution

As Phoneboy said, thats not sadly possible, sorry.

Andy

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
PhoneBoy
Admin
Admin
‎2024-12-24 01:42 PM
In response to medtiti92
Jump to solution

A Check Point gateway can do this enforcement irrespective of the IP address with Identity Awareness and App Control/URL Filtering.
That assumes the policy is enforced on a Check Point gateway, of course.

0 Kudos
medtiti92
Participant
‎2024-12-24 02:14 PM
In response to PhoneBoy
Jump to solution

How can i do that in checkpoint gateway ?

the_rock
MVP Diamond
MVP Diamond
‎2024-12-24 02:19 PM
In response to medtiti92
Jump to solution

Maybe access role? Not sure, let @PhoneBoy  confirm.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
PhoneBoy
Admin
Admin
‎2024-12-24 05:11 PM
In response to medtiti92
Jump to solution

A lot more information about the environment would be necessary to give you specific answers.
In general, though, you need to configure access to the relevant identity sources, create Access Roles, and create the relevant access rules using those Access Roles.
Supported identity sources include:

  • On-premise Active Directory
  • Identity Agents (for individual-use PCs and multi-user systems like Terminal Servers)
  • RADIUS Accounting
  • Identity Web API
  • Remote Access
  • Identity Collector 
  • Captive Portal (supports Kerberos)

More on the above can be found here: https://sc1.checkpoint.com/documents/Identity_Awareness_Clients_Admin_Guide/Content/Topics-IA-Client... 
See also: https://support.checkpoint.com/results/sk/sk86441 

0 Kudos
PhoneBoy
Admin
Admin
‎2024-12-24 05:13 PM
In response to PhoneBoy
Jump to solution

See also the podcast I did talking about Identity Awareness Best Practices, the notes for which link to more detailed sessions on the topic: https://community.checkpoint.com/t5/CheckMates-Go-Cyber-Security/S06E08-Identity-Awareness-Best-Prac... 

0 Kudos
medtiti92
Participant
‎2024-12-25 12:40 PM
In response to PhoneBoy
Jump to solution

Thanks @PhoneBoy for these idea, i will read all of this and hope find solutions.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events