This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
saulosouza
Explorer
‎2021-03-09 05:28 AM

Machine based Access Roles with Office Mode/Remote Access VPN


We have an R80.40 Gateway Cluster with Identity Awareness. The identity sources are AD Query and Remote Access. Mobile Access Office Mode is enabled. User-based access roles work fine for VPN users, but the same can't be said for an access role that defines the machines. 

The AD Query is working fine for the other contexts, but it's not applied to VPN connection.

In PDPd and PEPd logs I can see the AD connection for the machine in the VPN, but I think it's not processed by the identity Awareness.

[28237 4059047744]@CPFW01[25 Feb 14:01:17] [TRACKER]: #3326304 -> INCOMING -> ADQUERY_ASSOCIATION ->
Association
ip: 10.18.172.130
user:
machine: dxx-55375
domain: xxx.jus.br
reason: 


Is there a way for the Remote Access and AD Query to work together to get the machine identification? What I'm trying to achieve here is to have identified domain machines hit a different rule/layer compared to a machine that remotely connects and is not identified.

Thanks in advance!

0 Kudos
1 Reply
_Val_
Admin
Admin
‎2021-03-09 06:50 AM

The R80.40 release adds a new VPN authentication capability to Security Gateway. Authentication with a machine certificate as of Endpoint Security Client E80.71 is now available for gateways. Refer to Remote Access VPN R80.40 Administration Guide

Also, highly recommended is sk86240

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events