This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
John_Ejaife
Participant
‎2018-09-06 05:05 PM

How do I add SecureGateway to Cisco ISE 2.4 using RADIUS?

I'm having trouble adding a Checkpoint firewall to ISE 2.4. I've been following a blog where the author claims to have successfully added it to ISE 2.1, (here http://mdtnets.blogspot.com/2016/07/checkpoint-gaia-radius-authentication.html).

 

In the part where he gets to "Authentication Policy" I assume it's been replaced by Policy Sets. Running into trouble setting up the conditional "If DEVICE:Device Type Equals Device Type#All Device Types#Checkpoint"

 

I can do the"if DEVICE:Device Type Equals: All Device Types" but am not given an option for any other parameters. Am I missing something here?

5 Replies
G_W_Albrecht
Legend
Legend
‎2018-09-07 02:53 AM

I think you ask questions concerning Cisco Configuration - but all i know is sk105542...

CCSE CCTE SMB Specialist
0 Kudos
Nüüül
Advisor
‎2018-09-10 01:49 AM

Hi,

Device Type "checkpoint" is not there by default. This has to be configured manually. (Out of the head Administration -> Network Resources)

More or less you only enter the IP Address of the Firewall and are then able to differentiate, who is sending the request.

More:

Cisco Identity Services Engine Administrator Guide, Release 2.4 - Manage Network Devices [Cisco Iden... 

Daniel

0 Kudos
John_Fleming
Advisor
‎2018-11-21 07:15 AM

John Ejaife (of Spikefish Solutions fame) just wrote up a complete walk through on this. This covers Cisco ISE 2.4 and shows creating a admin role and a noc role. Access is controlled via group membership in active directory.

Checkpoint + ISE + Active Directory integration

0 Kudos
PhoneBoy
Admin
Admin
‎2018-11-21 09:33 PM
In response to John_Fleming

I probably should have moved this thread into Appliances and Gaia‌ awhile ago Smiley Happy

0 Kudos
Enyi_Ajoku
Collaborator
‎2019-09-18 01:36 PM
In response to PhoneBoy

Will this be the same steps on vsx. Particular for the NOC

Just asking as Web Access is disabled when VSX is enabled 

 

0 Kudos