Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
saulosouza
Explorer

AD Query in Remote Access connection

We migrate from R80.30 to R80.40. In R80.30 Remote Access uses AD Query information, now the information is not processed.

The AD Query is working fine for the other contexts, but it's not applied to VPN connection.

In PDPd and PEPd logs I can see the AD connection for the machine in the VPN, but I think it's not processed by the identity Awareness.

[25387 4059584320]@CPFW01[24 Mar 9:15:20] [TRACKER]: #40148 -> INCOMING -> ADQUERY_ASSOCIATION ->
Association
ip: 10.18.172.35
user:
machine: d580-55931
domain: interno.trt18.jus.br
reason: 0

In the PDPd log I found this:

[25387 4059584320]@CPFW01[24 Mar 9:15:20] [SESSION_UTILS (TD::Events)] pdp::PDPSessionConciliation::shouldOverrideSuperSessionByPriority: existing super session 6bd521f4 office mode IP score (1) > new association office mode IP score (0) - reject new association


Is there a way for identity awareness to use AD Query Data in Remote Access connection? 

Thanks in advance!

3 Replies
PhoneBoy
Admin
Admin

Remote Access clients don't require AD Query because we're authenticating the user directly.
However, it needs to be enabled as an identity source on the gateway object (it's not by default).

0 Kudos
saulosouza
Explorer

Thank you, I have already enabled Remote access as a source. The login is fine, what I want is the information of AD query, when is available. 

PhoneBoy
Admin
Admin

What’s happening is explained here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Specifically “Some identity sources such as Identity Agent, Terminal Server, Captive Portal, and Remote Access VPN cannot be appended to others. In these cases, the conciliation decision is only override or reject.”
Note this is new behavior as of R80.40.
Not 100% sure you can change this, a TAC case will be required.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events