Issue with Identity Awareness on Checkpoint Maestr...

This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.

Reject

Preferences

ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ Sign In

Products
Learn
Local User Groups
Partners
- Welcome Partners!
More

Products
Learn
Local User Groups
- Upcoming Events
- Americas
- EMEA
  - Czech Republic and Slovakia
  - Denmark
  - Netherlands
  - Germany
  - Sweden
  - United Kingdom and Ireland
  - France
  - Spain
  - Norway
  - Ukraine
  - Baltics and Finland
  - Greece
  - Portugal
  - Austria
  - Kazakhstan and CIS
  - Switzerland
  - Romania
  - Turkey
  - Belarus
  - Belgium & Luxembourg
  - Russia
  - Poland
  - Georgia
  - DACH - Germany, Austria and Switzerland
  - Iberia
  - Africa
  - Adriatics Region
  - Eastern Africa
  - Israel
  - Nordics
  - Middle East and Africa
  - Balkans
  - Italy
  - Bulgaria
  - Cyprus
- APAC
  - Korea
  - Mongolia
  - Bangalore
  - Greater China
  - Australia/New Zealand
  - Philippines
  - Japan
  - Singapore
  - India
  - Thailand
  - Taiwan
  - Hong Kong
  - Indonesia
Partners
- Welcome Partners!
More
ABOUT CHECKMATES & FAQ
- About CheckMates & FAQ
- Community Guidelines
Sign In
Leaderboard
Events

Maestro Masters
Round Table session with Maestro experts

WATCH NOW

Create a Post

Turn on suggestions

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Showing results for

Search instead for

Did you mean:

CheckMates
:
Products
:
Network & SASE
:
Maestro Masters
:
Issue with Identity Awareness on Checkpoint Maestr...

Options

Subscribe to RSS Feed
Mark Topic as New
Mark Topic as Read
Float this Topic for Current User
Bookmark
Subscribe
Mute
Printer Friendly Page

cancel

Turn on suggestions

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Showing results for

Search instead for

Did you mean:

sarna

Explorer

‎2023-10-25 07:19 AM

Mark as New
Bookmark
Subscribe
Mute
Subscribe to RSS Feed
Permalink
Print
Report Inappropriate Content

Issue with Identity Awareness on Checkpoint Maestro M140 Module 1

Hello CheckMates,

I'm reaching out to the community for some insights or potential solutions regarding an issue we are encountering with our Checkpoint Maestro M140 setup.

Setup Details:

Hardware: Checkpoint Maestro M140 with 3 modules
Remote Access: F5 BIG IP APM for SSL VPN
Authentication: Azure AD SAML
Integration: Using an API for communication between F5 BIG IP APM and Checkpoint (with Identity Web API on Checkpoint's side and iRule on F5's side)
User Info & LDAP: Post-authentication, F5 communicates the user's username and IP to Checkpoint via API. LDAP then fetches group information using access roles.

Issue: Everything functions seamlessly on modules 2 and 3. However, we're facing a peculiar issue with module 1. In module 1, there is no user information being recorded at all. The session logs are there, but they lack any username and don't seem to acknowledge the Identity Awareness blade.

Steps Taken:

I've attempted clearing all PEP/PDP sessions, but this did not resolve the issue.
Restarting the firewall isn't feasible for us at this moment.

Given that this issue is isolated to just one module in a multi-module setup, I wonder if anyone in the community has encountered a similar situation or could offer any insights.

Any advice, suggestions, or shared experiences would be highly appreciated!

Thank you in advance for your assistance and insights.

0 Kudos