This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Fedor_Agafonov1
Contributor
‎2019-03-25 10:17 AM
Jump to solution

Tacacs+ SmartDshboard authentication

Hello,

Not work  tacacs authentication in SmartDshboard. But on this managment applince ssh and WebUI tacacs authentication is work. In log "Administrator failed to log in: Wrong Password"

Tacacs server is Cisco ISE.

 

0 Kudos
1 Solution

Accepted Solutions
Fedor_Agafonov1
Contributor
‎2019-04-03 01:40 AM
In response to PhoneBoy
Jump to solution

We solve.

 

When authenticating through Web, SSH, we have one request - one reply, as usual

.

When use tacacs  authentification  for WebUI or SSH checkpoint send only one request to tacacs server. Its default configuration tacacs server on Cisco ISE.

But, when use tacacs  authentification  for SmartDashboard, sends three request (1- Action=Login, 2-Username, 3- Password ) . 

Need configure Cisco ISE tacacs policy condition  to “match NetworkAccess username”.

 

Discribe bug :

https😕/bst.cloudapps.cisco.com/bugsearch/bug/CSCvm51754/?rfs=iqvred

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
‎2019-03-29 05:24 PM
Jump to solution

Have you configured a TACACS server in SmartConsole?
Have you created the appropriate administrator users in SmartConsole and configured them for TACACS authentication?
May be relevant also: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos
Fedor_Agafonov1
Contributor
‎2019-04-03 01:40 AM
In response to PhoneBoy
Jump to solution

We solve.

 

When authenticating through Web, SSH, we have one request - one reply, as usual

.

When use tacacs  authentification  for WebUI or SSH checkpoint send only one request to tacacs server. Its default configuration tacacs server on Cisco ISE.

But, when use tacacs  authentification  for SmartDashboard, sends three request (1- Action=Login, 2-Username, 3- Password ) . 

Need configure Cisco ISE tacacs policy condition  to “match NetworkAccess username”.

 

Discribe bug :

https😕/bst.cloudapps.cisco.com/bugsearch/bug/CSCvm51754/?rfs=iqvred

AHMADAHUSEN
Participant
‎2019-12-08 08:56 PM
In response to Fedor_Agafonov1
Jump to solution

It's very helpful solution

0 Kudos
Prashant_YADAV1
Contributor
‎2020-07-16 03:46 AM
In response to Fedor_Agafonov1
Jump to solution

Hey Fedor,

Is it possible to attach the screenshot of the CISCO ISE you have to do to make it works?

Thanks.

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top