Hello CheckMates,
I'm reaching out to the community for some insights or potential solutions regarding an issue we are encountering with our Check Point Maestro M140 setup.
Setup Details:
- Hardware: Check Point Maestro M140 with 3 modules
- Remote Access: F5 BIG-IP APM for SSL VPN
- Authentication: Azure AD SAML
- Integration: Using an API for communication between F5 BIG-IP APM and Check Point (with Identity Web API on Check Point's side and iRule on F5's side)
- User Info & LDAP: Post-authentication, F5 communicates the user's username and IP to Check Point via API. LDAP then fetches group information using access roles.
Issue: Everything functions seamlessly on modules 2 and 3. However, we're facing a peculiar issue with module 1. In module 1, there is no user information being recorded at all. The session logs are there, but they lack any username and don't seem to acknowledge the Identity Awareness blade.
Steps Taken:
- I've attempted clearing all PEP/PDP sessions, but this did not resolve the issue.
- Restarting the firewall isn't feasible for us at this moment.
Given that this issue is isolated to just one module in a multi-module setup, I wonder if anyone in the community has encountered a similar situation or could offer any insights.
Any advice, suggestions, or shared experiences would be highly appreciated!
Thank you in advance for your assistance and insights.