Solved: Identity Awareness with Clustered 23500 Error

sukruozdemir · ‎2020-07-16

Hello
I have two clustered 23500 appliances.
I have deployed Identity Awareness with Identity agent.
Identity Agent accepting connections from internal nics.
On the DNS server I have created the _tls option and named giris.xxx.edu.tr. I have created a CNAME giris.xxx.edu.tr and used ip adress 10.2.4.4 which is my mgmt ports virtual ip. (10.2.4.5 is FW-1 and 10.2.4.6 is FW-2)
I have created a custom agent and used fw-1's custom agent.msi.
While the active node is FW-1 there is no problem for authentication but when I make FW-1 Passive Node and FW-2 Active Node User can not login. The agent is prompting me for username and password.

I have a few questions could you please help me about them?

How do I do deploy configuration for clustered nodes? Is my configuration true? Why FW-2 is not authenticating?

sukruozdemir · ‎2020-07-17

I hope everything is OK except my Agent.msi.
I have installed a clean Windows 10, installed custom agent on it and deployed again.
It is working perfect now.

View solution in original post

sukruozdemir · ‎2020-07-17

I hope everything is OK except my Agent.msi.
I have installed a clean Windows 10, installed custom agent on it and deployed again.
It is working perfect now.

View solution in original post

Identity Awareness with Clustered 23500 Error

Identity Awareness

Deploy Checkpoint HA in different availability zon...

message log : Global param: operation failed: Unkn...

Checkpoint Security Gateway applies "Initial Polic...

Tacacs+ on different port

VoIP - SIP and UDP configuration on SMB 1490