- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
We defined an LDAP group referencing our AD:
Name: AD_vpn_access
Account Unit: ad.lair.co.za__AD
Group's scope: Only group in branch (DN prefix)
Prefix: CN=vpn_access,OU=Firewall,OU=Security Groups,OU=Syrex
We then link this through to the Mobile Access Office Mode settings:
Nested LDAP groups work perfectly for security policy firewall rules but VPN access is not granted unless members are direct members of the vpn_access AD security group.
Is this a bug, known limitation or is there a setting I should be changing somewhere?
Operating as designed per the following sk: Mobile Access and Endpoint clients LDAP nested groups are not enforced correctly
Hi Dameon,
Would you possibly know where we can go to have this logged as a feature request? The internal components to recursively resolve nested LDAP group memberships is in the code base already...
Here you go:http://www.checkpoint.com/rfe/rfe.htm
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY