This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
KM1895
Collaborator
Collaborator
‎2022-03-10 02:55 AM

Problems with using UPN for remote access

 

hi,

I am currently trying to assist a customer with changing login name from SAM to UPN for their remote access environments.

I have changed the CustomLoginAttr to  |(sAMAccountName=<<>>)(UserPrincipalName=<<>>) and changed lookup_type to custom.

 

We are still getting "unknown user" when they try to log in.

As they are using access roles, i changed the same settings for all IA settings here as well, but no success.

I believe something on the firewall is blocking this, as we dont get any hits on the nps server, and tcpdumps show no traffic on port 1812 when they attempt to log in.

Are there any more settings that needs to be done, in order to get UPN to work?

 

 

 

0 Kudos
8 Replies
the_rock
Legend
Legend
‎2022-03-10 04:50 AM

Did you make sure auth method under gateway office mode properties is correct?

0 Kudos
KM1895
Collaborator
Collaborator
‎2022-03-17 12:34 AM
In response to the_rock

hi, 

i believe so, but can always get a verification from the customer on this one.

 

 

 

0 Kudos
KM1895
Collaborator
Collaborator
‎2022-03-17 12:47 AM
In response to KM1895

hi, again

 

All the settings for authentication appear to be correct. it is currently set to default on ldap lookup type. If i change it to UPN, it still gives the same result, as in nothing hitting the nps server.

 

The radius authentication is working for SAM, but when changing to UPN, we dont see anything.

The users will connect, and the radius traffic is then sent over vpn to another site. But here, we dont see anything when testing, so this is leading me to suspect an issue on the checkpoint, rather than the radius setup. Even if the radius was the issue, we would have still seen the requests come in when doing a tcpdump on the relevant gateways.

 

Could this be a possible TAC case?

 

 

 

0 Kudos
_Val_
Admin
Admin
‎2022-03-17 01:07 AM
In response to KM1895

I am confused. Do you mean VPN, maybe?

0 Kudos
KM1895
Collaborator
Collaborator
‎2022-03-17 01:29 AM
In response to _Val_

hi, Val

 

Im slightly confused by this case myself.

 

As it stands today, users log on to their Remote Access using their SAM, with Azure MFA enabled. This works just fine.

When switching to UPN, we dont get anywhere. No requests is sent to the radius servers(over site2site vpn). They use MUH, and i have tried changing the settings here as well, but still get the same result.

 

As for now, i will contact TAC, to see if they can assist further as well, as the customer wants this up and running.

 

 

0 Kudos
_Val_
Admin
Admin
‎2022-03-17 07:38 AM
In response to KM1895

Sorry, it seems I originally misread your post. UserPrincipalName authentication should work.

Look into sk110858. It is not your case, but please check the mentioned parameters anyway, specificallyUserLoginAttr.

If it is as ti should be, open a TAC case.

the_rock
Legend
Legend
‎2022-03-17 08:53 AM
In response to KM1895

I second what @_Val_ told you. That sk seems pretty details, so hopefully it helps. If not, then TAC would be your best bet.

0 Kudos
Shira
Participant
‎2022-12-19 01:41 AM
In response to KM1895

Hi,

Got solution.?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events