Nocky24
Participant

Issue using Machine based Access Roles with Office Mode/Remote Access VPN

We have an R80.10 Azure-based Gateway Cluster with Identity Awareness/AD Query and Mobile Access Office Mode enabled. User-based access roles (e.g. AD user security groups, user accounts) work absolutely fine when a user VPNs in and receives an Office Mode IP, but the same can't be said for an access role which defines the machines as well, e.g. Any Identified Machine or a select group of machines in AD - the traffic always fails to match.

I spoke to CP TAC briefly and they said it's because the IP of the machine (physical NIC IP) and the source IP of the traffic (the Office Mode Virtual IP) don't match, which they wouldn't in a remote access scenario. What it does have though is all the required info to determine that 10.60.60.1 belongs to machine 1210R32-LT-S despite it having 192.168.1.230 as the assigned IP, as shown in the attached pic.

Anyone come across this before?

What I'm trying to achieve here is have identified domain machines hit a different rule/layer compared to a machine that remotely connects and is not identified.

Thanks in advance!

2 Replies
G_W_Albrecht
Legend

Why not involve TAC here?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PA
Explorer

Have you solved this problem?

 

0 Kudos
