This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Wyl
Explorer
‎2023-06-26 07:28 PM
Jump to solution

Some of Terminal Agent Users are not authenticated

Hello Guys,

I am having troubles with deploying terminal server agents. The problem is some of the users are authenticated and some are showing not authenticated. Do I need some user permission from AD for that unauthenticated users or do I need to add additional config on smartconsole or gateways? I am currently using for R81.10 JHF take87 on VSX envrionment.

Thank you all!!!

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2023-06-29 06:58 AM
In response to Wyl
Jump to solution

So it's users who are connecting via SNX who are showing up as unauthenticated?
You realize Remote Access clients ARE an Identity Source, correct?
Of course, that doesn't help when you connect to a terminal server, which requires MUHv2.
I suspect you'll need a TAC case here: https://help.checkpoint.com 

View solution in original post

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2023-06-27 07:08 AM
Jump to solution

Not sure where you are seeing this "unauthenticated" message.
Can you provide relevant screenshot(s) with sensitive details redacted?

0 Kudos
Wyl
Explorer
‎2023-06-27 09:35 PM
In response to PhoneBoy
Jump to solution

 

This is the screenshot from Terminal Server Agent (muh2)

Screenshot_2.png

When I try to check logs, I found the following lines.

[24 Mar 10:19:57] Added user domain/user with ID range <19969,20224>
[24 Mar 10:19:57] Client is connected to PDP: xxx.xxx.xxx.xxx
[24 Mar 10:19:57] User domain/user failed to authenticate
[24 Mar 15:07:14] Session change event occured. Event type: WTS_REMOTE_CONNECT, session id: 5
[24 Mar 15:07:17] Session change event occured. Event type: WTS_REMOTE_CONNECT, session id: 3
[24 Mar 15:31:46] Session change event occured. Event type: WTS_REMOTE_CONNECT, session id: 5
[24 Mar 15:31:54] Session change event occured. Event type: WTS_REMOTE_CONNECT, session id: 3

0 Kudos
PhoneBoy
Admin
Admin
‎2023-06-29 04:53 AM
In response to Wyl
Jump to solution

Are users authenticating against on-prem Active Directory here?
What version of gateway is used here?
MUHv2 requires R80.40 and above.

You may need to involve the TAC here: https://help.checkpoint.com 

0 Kudos
Wyl
Explorer
‎2023-06-29 05:26 AM
In response to PhoneBoy
Jump to solution

Yes I am using r81.10 with take 87. It is the VSX environment. Some terminal servers are working fine with all users authenticated but some are not.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-06-29 06:58 AM
In response to Wyl
Jump to solution

So it's users who are connecting via SNX who are showing up as unauthenticated?
You realize Remote Access clients ARE an Identity Source, correct?
Of course, that doesn't help when you connect to a terminal server, which requires MUHv2.
I suspect you'll need a TAC case here: https://help.checkpoint.com 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events