adil_bashrahil
Explorer

Need help, please guide me step by step; I am new to the Check Point environment.

1-Enable user authentication on the firewall.

2-When any HTTP traffic passes through the firewall, it asks for username and password.

3-When Telnet traffic passes, it should go without authentication.

4-When we do ping, it asks again for username and password. (Use any pattern of authentication)

Treat me like a new baby. Thanks

3 Replies
Nüüül
Advisor

0 Kudos
cezar_varlan1
Collaborator

Yes, Identity Awareness is the key here. For Telnet traffic you would need to add a rule to match and allow Telnet just above the first rule with Identity Awareness.

Also, when using Identity Awareness, go for the Captive Portal if you want to see a Username/Password type of challenge. However, keep in mind that in order to receive the Username/Password authentication dialog you need to first open a web browser that would get redirected. The only other way to do this without using transparent ADQuery is to use the Identity Agent and deploy it on all machines.

Please read the previous links posted by Daniel Meier.

Also have a look here: ATRG: Identity Awareness 

And if you deploy this in a large environment: Best Practices - Identity Awareness Large Scale Deployment 

Best Regards,

Cezar

0 Kudos
Gaurav_Pandya
Advisor

Hi,

Telnet, HTTP, FTP and rlogin are the services which intercept the flow and ask for authentication in User Authentication.

If you don't want this for the Telnet service, then you can put a rule for Telnet and put Accept in the action field, as it first checks the rule which is allowed without authentication.
