Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
jorgemsassuncao
Contributor
Jump to solution

Assign fixed IP to a VPN user on Spark 1570

Hello,
I have a Spark 1570 with build R81.10.05 and it is connected to the AD, is there a way to assign a fixed IP to a specific VPN user?


VPN users authenticate through AD.
Best regards.

2 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
PhoneBoy
Admin
Admin

Manual changes to this file require reinstalling the security policy to take effect.
If this device is centrally managed, install the security policy.
If the device is locally managed, you can do one of two things:

  • Make some other change to the access policy via clish/WebUI which will trigger a recompile of the policy.
  • Use the expert command fw_configload

View solution in original post

0 Kudos
11 Replies
PhoneBoy
Admin
Admin

Yes via the ipassignment.conf file.
See: https://support.checkpoint.com/results/sk/sk33422

jorgemsassuncao
Contributor

Hello,

I'm not finding the ipassignment.conf file, there in the SMB?
I have a Spark 1570.

0 Kudos
the_rock
Legend
Legend

Should be same location...$FWDIR/conf/ipassignment.conf

0 Kudos
the_rock
Legend
Legend

As @PhoneBoy said, just modify that file. Below is what it looks like by default.

Andy

 

 

 

 

Screenshot_1.png

0 Kudos
jorgemsassuncao
Contributor

Hello,
I'm new to this and I'm having a hard time finding the way you're suggesting.

0 Kudos
just13pro
Collaborator

Make sure you are login to the Gateway CLI and NOT Management CLI.

Go to the path mentioned above and modified the file ipassignment.conf

jorgemsassuncao
Contributor

Hello,
I think these gateways (1500 series) do not have or do not allow access to this file.

0 Kudos
PhoneBoy
Admin
Admin

Yes they do.
Here's a screenshot from my own 1590 that definitely has this file:

IMG_0214.jpeg

Further, sk33422 references Embedded Gaia explicitly.

0 Kudos
jorgemsassuncao
Contributor

Hello @PhoneBoy 

Sorry, I wasn't logged in with expert mode.


Now I was able to access the file and made the change I want by adding the IP and user and saving the change.
Then when I try to connect the vpn with the user in question, the assigned IP continues to be by dhcp and not the IP that I specified for the user.


Any suggestions of what might be missing?

 


Gateway Type IP Address User Name
============= ===== ======================================== =======================
*      addr     192.168.125.1     ServidorBackup
*      addr     192.168.125.2     infodinamicavpn

 

 

 
 

 

 

0 Kudos
PhoneBoy
Admin
Admin

Manual changes to this file require reinstalling the security policy to take effect.
If this device is centrally managed, install the security policy.
If the device is locally managed, you can do one of two things:

  • Make some other change to the access policy via clish/WebUI which will trigger a recompile of the policy.
  • Use the expert command fw_configload
0 Kudos
jorgemsassuncao
Contributor

Thank you,

You help a lot.
Using the expert command fw_configload save the changes.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events