Contributor

SNX Authentication with User Directory (LDAP not AD)

Hello everybody,

I configured a Unit Account with profile "Domino_DS" and added it to User Directory (VPN Clients > Authentication > Multiple Authentication Clients Settings) since I want to use LDAP accounts (email addresses) to allow users to connect to the VPN.

cp01.PNG

I mapped the email address as UID.

cp02.PNG

cp03.PNG

The connection using Check Point Mobile client under Windows works well, but SNX under Linux cannot authenticate:

cp04.png

If I use a local VPN account with SNX, then it works.

What am I doing wrong?

Thanks,
Francesco

2 Replies
Advisor

Do a packet capture between the gateway and the LDAP server and check if it's connecting. First make sure the connection is successful. Then look at the LDAP conversation to see if it's correct.

Could be:

Firewall can't connect to the LDAP server.

Firewall can't log in to LDAP to generate a query.

LDAP server is rejecting the login request for the client.

I will say I don't think I've seen many people using non-MS AD LDAP, so possible bug, but check the other things first.

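The triage described in the reply above, as an added example that is not part of the original thread: Python code that decodes LDAP bind requests and responses from payloads taken out of a gateway-to-server capture and maps failed binds to the three cases listed. It assumes plaintext LDAP (not LDAPS) and that the gateway first binds with its own account and then as the user; the DNs, the `service_dn` parameter and the sample bytes are constructed for illustration.

```python
RESULT = {0: "success", 32: "noSuchObject", 49: "invalidCredentials"}

def read_tlv(buf, pos):
    """Decode one BER tag-length-value; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low bits = count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf): raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def parse_ldap(msg):
    """Return (kind, message_id, detail) for one LDAPMessage."""
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x30: raise ValueError("not an LDAPMessage SEQUENCE")
    _, mid, p = read_tlv(body, 0)
    op_tag, op, _ = read_tlv(body, p)
    mid = int.from_bytes(mid, "big")
    if op_tag == 0x60:                     # BindRequest: version, name, authentication
        _, _, q = read_tlv(op, 0)
        _, name, _ = read_tlv(op, q)
        return "bind_request", mid, name.decode("utf-8", "replace")
    if op_tag == 0x61:                     # BindResponse: resultCode comes first
        _, code, _ = read_tlv(op, 0)
        return "bind_response", mid, int.from_bytes(code, "big")
    return "other", mid, op_tag

def triage(payloads, service_dn):
    """Map failed binds to the reply's cases; service_dn = gateway's own bind DN (assumed)."""
    if not payloads:
        return [("connect", None, "no LDAP payloads in capture")]
    pending, findings = {}, []
    for raw in payloads:
        kind, mid, detail = parse_ldap(raw)
        if kind == "bind_request":
            pending[mid] = detail          # remember which DN this message ID bound as
        elif kind == "bind_response" and mid in pending:
            dn = pending.pop(mid)
            if detail != 0:                # simple case-insensitive DN match only
                who = "gateway" if dn.lower() == service_dn.lower() else "user"
                findings.append((who, dn, RESULT.get(detail, f"resultCode {detail}")))
    return findings

# Constructed sample capture: made-up DNs, short-form BER lengths only.
def tlv(tag, value): return bytes([tag, len(value)]) + value
def bind_req(mid, dn): return tlv(0x30, tlv(2, bytes([mid])) + tlv(0x60, tlv(2, b"\x03") + tlv(4, dn.encode()) + tlv(0x80, b"x")))
def bind_resp(mid, code): return tlv(0x30, tlv(2, bytes([mid])) + tlv(0x61, tlv(0x0A, bytes([code])) + tlv(4, b"") + tlv(4, b"")))
SERVICE_DN = "cn=gw-bind,o=example"
SAMPLE = [bind_req(1, SERVICE_DN), bind_resp(1, 0),
          bind_req(2, "cn=Some User,o=example"), bind_resp(2, 49)]
```

A `gateway` finding corresponds to the firewall failing to log in to LDAP, a `user` finding to the server rejecting the client's login, and `connect` to no LDAP traffic reaching the server at all.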
Contributor

Thank you for your reply. I will check that. Anyway, if the problem is the connection between the Gateway and LDAP (I'm sure it isn't), the Windows Endpoint shouldn't work, but it works.
