This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Galb
Explorer
‎2021-04-04 10:10 PM

Secondary Connect password prompt

Hello

During a POC for MFA I have encountered two issues

*we are using secondary connect 

1. for some clients during a change in the VPN authentication scheme there are password prompts for all secondary gateways - deleting the VPN site and creating it again resolves this issue. - I guess its related to password caching ..

2. For some clients during the tests the clients get "no login method set" without an option to enter username and password, clicking on the link in the clients gui, the client is redirected to authentication tab , and all you have to do is click on "OK" since the authentication method is already chosen, the, login is successful.

 

Can we resolve this issue via settings in trac_client_1.ttm file or by clearing the passwords cache in any way? - we want to migration to be as transparent as possible.

 

Thanks 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2021-04-05 08:58 AM

Probably the most transparent way to do this would be to update trac.config on the clients with the desired configuration.
Maybe bundle it with an update to a newer version of the client. 
Otherwise, I believe you’re in delete/re-add site territory.

0 Kudos
Galb
Explorer
‎2021-04-05 11:07 PM
In response to PhoneBoy

Thanks

0 Kudos
the_rock
Legend
Legend
‎2021-04-05 10:50 AM

Personally, I always found this very frustrating. Seems like over the years, mostly the solution given is to modify trac.config on client side or trac_client_1.ttm on the gateway side to get around these issues. Whats even more annoying is that every time (or for the good 70-80% of the cases) if main auth method is changed on the gateway, you end up deleting and re-creating s site, which is pretty shocking to new CP customers, as they are not used to anything like that from other vendors.

0 Kudos
Galb
Explorer
‎2021-04-05 11:08 PM
In response to the_rock

Thanks,
As PhoneBoy said, I will try to get around this by modifying client's side file 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events