This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Srajesh
Contributor
‎2023-04-24 02:34 AM

AD users not blocking web category on checkpoint firewall 6400

Hi,

We have configure Web category on checkpoint firewall 6400 and web category not blocking.

We have checked AD sync happening and Connection status : has connection.

Thanks & Regards

S Rajesh 

0 Kudos
7 Replies
Chris_Atkinson
Employee Employee
Employee
‎2023-04-24 02:40 AM

Hello,

We will need considerably more info to assist you.

Version, Jumbo, HTTPS inspection and more...

 

 

 

 

CCSM R77/R80/ELITE
0 Kudos
Srajesh
Contributor
‎2023-04-24 02:52 AM
In response to Chris_Atkinson

Hi,

Checkpoint firewall standalone deployment

Gateway version: R81.10

Hot Fix Jumbo Bundle: T94

 

Thanks & Regards

S Rajesh

Preview file
84 KB
0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-04-24 04:00 AM
In response to Srajesh

Bearing in my HTTPS inspection is disabled, can you provide an example of what's not working and the rule you have configured?

CCSM R77/R80/ELITE
0 Kudos
Srajesh
Contributor
‎2023-04-24 04:24 AM
In response to Chris_Atkinson

Please find the attached screenshot of rules.

Rules no 1: IP based created rules (Web category is blocking), When i have disabled rules no 1 all web category is not blocking.

Rules no 2,3 & 4 : AD users group based created rules ( Web category not blocking).

 

Preview file
389 KB
0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-04-24 04:59 AM
In response to Srajesh

Thanks and are you using IDC or ADQuery for Identity and confirmed connectivity with AD is operating correctly?

CCSM R77/R80/ELITE
0 Kudos
Srajesh
Contributor
‎2023-04-24 05:40 AM
In response to Chris_Atkinson

1)We are using ADQuery for identity
2)Connection status : has connection
3)no issues with authentication 
4)AD users "Roles" not being updated or pulled
5)User group is unavailable

0 Kudos
Ruan_Kotze
Advisor
‎2023-04-24 12:54 PM
In response to Srajesh

Seems you are acquiring identities fine, but not matching them to Access Roles? Are your LDAP lookups working - have a look at sk55040 and here for ways to test.

Might be something as simple as needing to fetch signatures on your LDAP Account Unit.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events