This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Martin_Raska
Advisor
Advisor
‎2018-10-08 08:10 AM

User Location, usage?

Hello guys,

what is the usage for field Location under user tab? Admin guide and HELP does not clear this.

0 Kudos
5 Replies
Nick_Doropoulos
Advisor
‎2018-10-08 08:33 AM

Hi Martin,

I think it would be fair to say to think of this setting as defining "trusted clients" but instead of limiting access to a Server/Gateway you can limit access to other objects as well like networks etc.

I hope that helps.

0 Kudos
Martin_Raska
Advisor
Advisor
‎2018-10-08 08:48 AM

Why I should use that, we have policy to limit users access. Does this apply for users VPN?

0 Kudos
AlekseiShelepov
Advisor
‎2018-10-08 09:10 AM

From sk92467

The user has a host object defined in the source of allowed locations in its properties. the expected configuration requires that this user properties be defined using network objects, and not a specific host object.

Allowed Location required Office Mode, in the case of a VPN client, it require the office mode range as the source when Office Mode is defined on the gateway. 

I suppose we can assume from this, that the location setting is set per user when you have more general rules for networks. For example we allow all remote users to access server network, but some users (based on name, not on IP) can connect to some specific server, other users can connect to only other servers.

Not sure where is the profit.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-10-13 02:40 AM

This is kind of a "legacy" setting from ages ago when we didn't have things like Access Roles or Mobile Access Blade Smiley Happy

It is primarily to restrict the networks from which or to which a given user may connect using Remote Access VPN above and beyond those imposed by the rules.

Chris_Butler
Collaborator
‎2022-02-11 09:52 AM
In response to PhoneBoy

I know this is an old post, but please correct me if my assumptions below are incorrect:

1) if there are no entries defined in this field for a user, the user can access any host or network that the Mobile Access policy or local gateway security policy allows

2) if there are ANY entries in this setting for a user, the user can access ONLY the listed hosts or networks and all other destinations are blocked, even if mobile access or local gateway security policies would allow it otherwise?

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    li.common.scroll-to.top