This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nflnetwork29
Advisor
‎2022-05-24 02:22 PM

Checkpoint Access Role not being matched

Hello I have setup remote access vpn and using office mode + SAML Authentication (Azure Ad) 

In my policy I created 1 ACL to allow traffic thru the VPN to my inside networks. My "Source" value is my access role. This Access role includes my Azure Active Directory Group.  

 

My traffic is hitting the cleanup rule . It's not being matched . 

 

If i change my source to 'any" - traffic is matched . 

 

I've narrowed it down the access role being the issue . 

 

Does anyone have a sample configuration I could look at?

Labels
0 Kudos
3 Replies
Manuel_Schulz
Explorer
‎2022-06-17 01:08 AM

Are there any news about this topoc.
We have a lab firewall with the same setup and the same problem. We are on 81 Take 68.
The authentication is working but the ACR is only matching if we define "Any identified User". The Username (UPN) is visible in the logs. 

0 Kudos
Manuel_Schulz
Explorer
‎2022-06-17 02:51 AM

I did some further testing. If i put a group from our ad in the ACR the permissions are granted. 
I think this is not the intendet purpose and there should be some configuration to change this behavoir.

0 Kudos
Manuel_Schulz
Explorer
‎2022-06-17 02:57 AM
In response to Manuel_Schulz

Maybe this could help.
Hint from MattDunn 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top