Unified Policy / Access Roles / IPASSIGNMENT.CONF

Ivo_Marques · ‎2018-07-11

Hi mates,

I’m starting with R80.10 and Unified Policy and, for remote access I need to authenticate my users on Active Directory and assign the IP using ipassignment.conf (like I did it on R77.30). On R77.30 I was using LDAP Groups on the Rulebase and in the ipassignment.conf. On R80.10 I have to use “Access Roles” on the rulebase because of the Unified Policy how can I use ipassignment.conf in this scenario.

I tried to put Access Role name on the ipassignment and didn’t work, I also create an LDAP Group and add it to the Access Role and the authentication worked fine but the LDAP Group on the ipassignment didn’t.

Any ideas?

Regards,

Ivo

Ivo_Marques · ‎2018-07-24

So, one answer is:

Rulebase - Access Role - Drill Down the AD and search for your group;
IPASSIGNMENT.CONF - Create a LDAP GROUP with the same group and use the name on the ipassignment.

Yes, I had to refer twice the same group.

Maybe I'm going to quit ipassignment and start using RADIUS instead.

Gaurav_Pandya · ‎2018-07-30

Hi Ivo,

This option I have used for Remote users authentication with AD.

As you are going to use RADIUS, how you will map the IP address.

G_W_Albrecht · ‎2023-10-31

https://support.checkpoint.com/results/sk/sk33422

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Are you a member of CheckMates?

Unified Policy / Access Roles / IPASSIGNMENT.CONF