Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
charlie
Participant

VPN client auth with Ldap AU

Hello,

I 've configured the Checkpoint VPN client and it's works for the users defined as checkpoint local userid.

Now I need to move the Auth to the Customer AD. I have a Ldap Account Unit that point the customer AD so how I can set the Checkpoint to send the auth process to the Ldap AU?




0 Kudos
1 Reply
Joseph_Audet
Ambassador
Ambassador

Provided that everything is working with your remote access IPSEC VPN config / LDAP account unit, the next step to 'enable LDAP authentication' would be to create an access role, bind it to an AD user or group, and add that access role to your access policy. This is assuming the default authentication mechanism of username + password.

By doing this, you will enable the gateway to successfully match a user search against a rule that allows them to connect. I attached an example from my lab where I added a group from AD to an access role.

See admin guide info on:

Access roles:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topi...

Retrieving Information from a User Directory Server:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topi...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events