This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Pedro_Espindola
Advisor
‎2019-02-12 07:47 AM

Using RADIUS Groups to Assign Permissions on SMBs?

Hello everyone,

I use a RADIUS proxy (DUO) which handles 2FA for Remote Access authentication in locally managed SMB appliances.

The user database is active directory. Duo can use either LDAP or RADIUS to connect to the AD.

Is it possible to use the RADIUS groups to assign permissions?

I took a look at the procedure described in ) to Assign Permissions, but some steps are not really compatible with what we have in local management. I tried using attribute 25 or vendor specific 229 as described without success.

Is it possible? Did anyone here ever accomplish that?

6 Replies
G_W_Albrecht
Legend Legend
Legend
‎2019-02-13 06:53 AM

I would involve TAC here ! Although nothing about that is mentioned in sk105380, it may well be that this is just not supported here...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Pedro_Espindola
Advisor
‎2019-02-14 04:25 AM
In response to G_W_Albrecht

Yeah, I will.

I just think that in this kind of situations, Check Mates deploying SMBs daily and trying to work around the same limitations as I am are much more likely to know an answer or a cool trick to make it work.

Thanks Günther.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2019-02-14 04:45 AM
In response to Pedro_Espindola

It is a nice picture - and SMBs have a lot to explore and find ones own answers. But limitations, mostly, are limitations and can (or should) not be lifted by any cool trick. 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Pedro_Espindola
Advisor
‎2019-02-14 05:05 AM
In response to G_W_Albrecht

Ok fair enough. But you know SMBs are not super well documented, not as much as the enterprise versions at least. So we do find out a lot by testing and exploring. That is all I meant.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2019-02-14 05:58 AM
In response to Pedro_Espindola

Yes, i understand very well - it just sounded as if by some magic trick you could remove a SMB limitation. And we know this is not true...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
BorisL
Collaborator
‎2020-11-10 11:01 AM

Hi Pedro. Did you ever get a solution for this?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events