This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nagaraja_cs
Contributor
‎2018-06-10 10:47 PM

Not able to access native applications for AD users

Setup:Distributed

Version:R80.10 with TAKE_56

AD authentication for SSL VPN users stopped working after AD password expiry of non-admin user.

We were not able to see complete AD tree,we have manually added subdomain with parent domain,after that user is able to authenticate,but not able to access native applications. 

It is working for local users,it will also work AD users if I add 'All uers" in source column of Mobile access policy.

But if I am adding specific AD users or LDAP groups,traffic is dropping with MAB policy with non-existant rule which is showing in logs.

When I am checking for drops with #fw ctl zdebug + drop | grep <ip>,can see drops as per MAB policy rule number which doesn't exist in MAB policy.

The rule number will be changing randomly,but the drop rule number in logs and zdebug output shows same rule number.

Any suggestions on this ?

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2018-06-11 11:05 AM

I would engage with the TAC.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events