We defined an LDAP group referencing our AD:
Name: AD_vpn_access
Account Unit: ad.lair.co.za__AD
Group's scope: Only group in branch (DN prefix)
Prefix: CN=vpn_access,OU=Firewall,OU=Security Groups,OU=Syrex
We then link this through to the Mobile Access Office Mode settings:
Nested LDAP groups work perfectly for security policy firewall rules but VPN access is not granted unless members are direct members of the vpn_access AD security group.
Is this a bug, known limitation or is there a setting I should be changing somewhere?
Operating as designed per the following sk: Mobile Access and Endpoint clients LDAP nested groups are not enforced correctly
Hi Dameon,
Would you possibly know where we can go to have this logged as a feature request? The internal components to recursively resolve nested LDAP group memberships are in the code base already...
Here you go: http://www.checkpoint.com/rfe/rfe.htm
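To see which accounts are affected by the direct-membership behaviour described in this thread, the following added example (not part of the original posts and not Check Point code) compares direct and nested membership of the VPN group. The directory contents, the nested group names and the user names are constructed; only the group's DN prefix comes from the question.

```python
from collections import deque

# DN prefix as given in the question; everything below it is constructed sample data.
VPN_GROUP = "CN=vpn_access,OU=Firewall,OU=Security Groups,OU=Syrex"

# Constructed directory: group -> values of its "member" attribute.
GROUPS = {
    VPN_GROUP: ["CN=alice", "CN=vpn_contractors", "CN=vpn_staff"],
    "CN=vpn_staff": ["CN=bob", "CN=vpn_it"],
    "CN=vpn_it": ["CN=carol", "CN=vpn_staff"],  # cycle back to vpn_staff
    "CN=vpn_contractors": ["CN=dave", "CN=alice"],
}


def membership_paths(group, groups=GROUPS):
    """Map each user to the shortest chain of groups that leads to it.

    Breadth-first walk over nested groups; `seen` stops membership cycles.
    """
    paths, seen, queue = {}, {group}, deque([(group, (group,))])
    while queue:
        current, chain = queue.popleft()
        for member in groups.get(current, []):
            if member in groups:  # member is itself a group: descend once
                if member not in seen:
                    seen.add(member)
                    queue.append((member, chain + (member,)))
            else:
                # First hit wins, so a direct membership beats a nested one.
                paths.setdefault(member, chain)
    return paths


def nested_only(group, groups=GROUPS):
    """Users found by a recursive lookup but missed by a direct-member check."""
    return {user: chain
            for user, chain in membership_paths(group, groups).items()
            if len(chain) > 1}


if __name__ == "__main__":
    for user, chain in sorted(nested_only(VPN_GROUP).items()):
        print(f"{user}: nested via {' -> '.join(chain[1:])}")
```

Against a live Active Directory, the transitive member set can be retrieved with the matching-rule-in-chain filter `(memberOf:1.2.840.113556.1.4.1941:=<full group DN>)` and compared with the group's direct `member` values in the same way.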