- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- Re: So for some reason identity logging on mgmt se...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So for some reason identity logging on mgmt server does not work
So we have identity awareness enabled on our gateway, identity logging is enabled on management server and goal is to display usernames on logs on smartconsole and it does not work, upon using the following command on both gateway and mgmt server-
adlog l query ip "ip of dc" , we have 3 dcs configured in our ldap account unit and i typed all 3 ips and for all 3 ips it shows-
there's no data for given ip
So what does that mean?? And mobile access works fine on the same security gateway where identity awareness is enabled which means it can query one of those 3 ips (dont remember exactly which ip it is out of those 3) and can show usernames(on mobile access policy on smartdashboard i can select usernames easily and apply them on rules and we already have rules applied with usernames) so why cant it show the usernames on the logs on smartconsole??
Thank You.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is Remote Access one of the identity sources enabled for Identity Awareness?
It's not enabled by default.
Also what version/JHF level?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
so i ran cpinfo -y all on gateway-
This is Check Point CPinfo Build 914000202 for GAIA
[IDA]
No hotfixes..
[CPFC]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 118
[MGMT]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 118
[FW1]
HOTFIX_MAAS_TUNNEL_AUTOUPDATE
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 118
FW1 build number:
This is Check Point's software version R80.20 - Build 163
kernel: R80.20 - Build 151
[SecurePlatform]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 118
[CPinfo]
No hotfixes..
[PPACK]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 118
[DIAG]
No hotfixes..
[CVPN]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 118
[CPUpdates]
BUNDLE_MAAS_TUNNEL_AUTOUPDATE Take: 25
BUNDLE_INFRA_AUTOUPDATE Take: 34
BUNDLE_DEP_INSTALLER_AUTOUPDATE Take: 17
BUNDLE_R80_20_JUMBO_HF_MAIN Take: 118
[CPDepInst]
No hotfixes..
[AutoUpdater]
No hotfixes..
On mgmt server-
This is Check Point CPinfo Build 914000196 for GAIA
Local host is not a Gateway
[CPFC]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
[IDA]
No hotfixes..
[MGMT]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
[FW1]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
FW1 build number:
This is Check Point Security Management Server R80.20 - Build 035
This is Check Point's software version R80.20 - Build 254
[SecurePlatform]
HOTFIX_GOGO_LT_HALO_JHF Take: 161
[CPinfo]
No hotfixes..
[DIAG]
No hotfixes..
[SmartLog]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
[Reporting Module]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
[CPuepm]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
[VSEC]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 161
[R7520CMP]
No hotfixes..
[R7540CMP]
No hotfixes..
[R76CMP]
HOTFIX_R80_20_JHF_COMP Take: 161
[SFWR77CMP]
No hotfixes..
[R77CMP]
HOTFIX_R80_20_JHF_COMP Take: 161
[R75CMP]
No hotfixes..
[NGXCMP]
No hotfixes..
[EdgeCmp]
No hotfixes..
[SFWCMP]
No hotfixes..
[FLICMP]
No hotfixes..
[SFWR75CMP]
No hotfixes..
[CPUpdates]
BUNDLE_INFRA_AUTOUPDATE Take: 34
BUNDLE_DEP_INSTALLER_AUTOUPDATE Take: 17
BUNDLE_R80_20_JUMBO_HF_MAIN_gogoKernel Take: 161
[CPDepInst]
No hotfixes..
[AutoUpdater]
No hotfixes..
[MGMTAPI]
No hotfixes..
And regarding remote access i dont remember if i enabled that when i initially configured identity awareness is there a way to check that?
And my issue is ad usernames not being shown on smartlog on smartconsole, so how is remote access related to that?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If the users are logging in via Remote Access, it is very much relevant that they be included in the IDA configuration.
In general, I'd start with the troubleshooting steps here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Can you please provide us more details on the configuration?
Which Identity Source is used? (Remote Access/IDC/AD Query/...). What is configured in the policy?
Thanks,
Adi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
so the problem is not with the identity awareness of the gateway itself,i should have been more clear with the issue, but the main issue is with the identity logging on the management server, identity awareness on the gateway works fine and i can see usernames for users logging into ad portal of the gateway on smartlog, what i cannot see is normal users logging into their windows workstations (so referring to identity logging of mgmgt server) that is their usernames cannot be seen, just want identity logging to work properly.