josaic
Explorer

R81 Identity Collector and different user subnets

My first post here in CheckMates and also a newbie when it comes to Check Point.

Below is my Check Point lab running on EVE-NG.

GW1 & GW2 on R81; SMS on R81

MS Active Directory 2016 + Identity Collector installed on it

Identity Awareness enabled + Browser-Based Authentication (Captive Portal) + Identity Collector

Captive Portal is working properly, able to redirect traffic and able to log in using AD-based credentials and can browse internet once logged in.

Able to identify DomainUser1 in 10.10.20.x/24 network and has PDP information thus able to browse internet without being redirected to captive portal.

Issue:

No PDP information for DomainUser2 if in 10.10.40.x/24 network thus redirected to Captive Portal.

I wanted to have 10.10.40.x/24 network being identified by PDP as well.

diagram_cp.png

0 Kudos
3 Replies
PhoneBoy
Admin

Where is the AD server in this diagram? 
I'm assuming machines in the 10.10.40/24 network are authenticating to the same AD server that is running Identity Collector?

0 Kudos
josaic
Explorer

Hi. Active Directory and Identity Collector are the same machine. In the diagram you can see the Identity Collector/AD there.

0 Kudos
PhoneBoy
Admin

Ok, that wasn't clear in the diagram, and I missed that detail in your text.
@Royi_Priov any ideas?

0 Kudos