This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Doeschi
Contributor
‎2018-05-30 08:19 AM
Jump to solution

Identity Collector on R80.20 Mgmt & R77.30 GW

Hi all,

I'm failing while trying to configure the identity collector using a R80.20 EA Mgmt and R77.30 Gateways with JHF317. As soon as I'm changing the product version of the gateway to R77.30 in SmartDashboard, the possibility to configure the IDC in the Identity Awareness Section of the cluster config is gone... but is back, as soon as I change the product version to R80.10. In the documents, it's written that R77.30 gateways from JHF308++ are supported to use with IDC.

Has anyone been able to do that? Am I doing something wrong? 🙂

Regards

Roger

1 Solution

Accepted Solutions
Houssameddine_1
Collaborator
‎2018-05-30 10:08 AM
Jump to solution

In R77.30 and lower version, I believe you should configure the collector as Terminal server. Please check this sk

Identity Collector fails to connect / add / edit a Security Gateway 

I think what they mean by support, might some code enhancement in the pdpd daemon which communicate with the identity sources like IDC. The new IDC supports other things like parsing syslog messages and extract identities from it. I believe pdpd should know about the new capabilities of the collector. you will not see the change in the gui.

Thanks

View solution in original post

4 Replies
Houssameddine_1
Collaborator
‎2018-05-30 10:08 AM
Jump to solution

In R77.30 and lower version, I believe you should configure the collector as Terminal server. Please check this sk

Identity Collector fails to connect / add / edit a Security Gateway 

I think what they mean by support, might some code enhancement in the pdpd daemon which communicate with the identity sources like IDC. The new IDC supports other things like parsing syslog messages and extract identities from it. I believe pdpd should know about the new capabilities of the collector. you will not see the change in the gui.

Thanks

Kaspars_Zibarts
Employee Employee
Employee
‎2018-05-30 09:50 PM
In response to Houssameddine_1
Jump to solution

That's absolutely correct answer - use Terminal server and it works like a charm. Just remember to tick the box for pre R80.10 gateway in IDC

0 Kudos
Doeschi
Contributor
‎2018-05-31 01:09 AM
In response to Houssameddine_1
Jump to solution

Thanks for your answer, you're right. I found the same solution deep in some documentation shortly after I posted this question and set it up like this. Unfortunaly, I can't say if it's finally working because I had to request a valid certificate for the gateway first and I'm waiting for that. But lets be optimistic 🙂

0 Kudos
Houssameddine_1
Collaborator
‎2018-05-31 07:03 AM
In response to Doeschi
Jump to solution

It should work with the self signed certificate. when you establish the connectivity from the IDC to the gateway you must accept the finger prints of the cert. 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events