This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
AdrianJames
Participant
‎2020-06-16 02:09 AM

Use radius authentication to identify users on the logs

Dear Everyone,

The customer is using radius to authenticate the users on their captive portal. The radius server pull the users on their Open LDAP server. I would like to know if it is possible to show the source username on the logs using radius or ldap. The version of their gateway is r80.30. 

 

Regards,

AJ

6 Replies
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2020-06-16 03:50 AM

What is serving the Captive Portal, Check Point or something else?

Note Identity Awareness supports RADIUS accounting and Browser based authentication.

CCSM R77/R80/ELITE
AdrianJames
Participant
‎2020-06-16 04:16 AM
In response to Chris_Atkinson

It is someone else. They have different device serving the Captive portal. Is it okay if I could get the sk for configuring the radius accounting?
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2020-06-16 04:33 AM
In response to AdrianJames

It's covered in the Identity Awareness admin guide, some further discussion was recently had on it here also: 

https://community.checkpoint.com/t5/General-Management-Topics/Identity-Awareness-question/m-p/82342

CCSM R77/R80/ELITE
0 Kudos
AdrianJames
Participant
‎2020-06-16 07:14 AM
In response to Chris_Atkinson

Thank you Chris. I will check this.
Amir_Senn
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2020-06-16 04:28 AM

Hey,

Try going to audit logs and use the query "Authentication method: radius" AND operation:"Log In".

Try to open one of the logs and see if there's additional information that could help you distinguish between users. If every user has different administrator that should be enough.

Tell me if this helps you.

Amir

Kind regards, Amir Senn
AdrianJames
Participant
‎2020-06-16 07:13 AM
In response to Amir_Senn

Thank you Amirse. I will check this as well. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events