This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
TomislavT
Explorer
‎2022-06-14 04:58 AM

VPN failed login on SMB1590

Hello everyone,

If some one can help me out with this problem.
On our location we have Centrally managed SMB 1590, where we need to setup remote access for our users.

Connection to VPN goes well but when test user types in his local username and password he gets wrong username or password.
When checking logs for problems we see that failed login factor is password and reason is user unknown to FireWall-1 authentication. User is locally created and he is in VPN test group witch is participant user group for remote access. 

Does anyone knows what could be the reason for this error and what can we do to fix it up ?

Thank you in advanced,

Tomislav

Preview file
93 KB
0 Kudos
9 Replies
_Val_
Admin
Admin
‎2022-06-14 06:29 AM

Show how you define the group and VPN community please

0 Kudos
TomislavT
Explorer
‎2022-06-14 06:44 AM
In response to _Val_

Hello Val,

Here are VPN community and group.

Preview file
60 KB
Preview file
35 KB
Preview file
47 KB
Preview file
79 KB
0 Kudos
_Val_
Admin
Admin
‎2022-06-14 06:49 AM
In response to TomislavT

Where is the group definition? How do you set up users in the group? 

0 Kudos
TomislavT
Explorer
‎2022-06-14 06:56 AM
In response to _Val_

User is made locally in Smart Console then added to VPN test group. 
What do you mean by group definition ?

0 Kudos
_Val_
Admin
Admin
‎2022-06-14 08:02 AM
In response to TomislavT

the invalid user error usually means a basic authentication issue: incorrectly defined user, group wrongly populated, etc. Your screenshots look fine so far, but you did not share user and group screenshots.

 

0 Kudos
_Val_
Admin
Admin
‎2022-06-14 08:02 AM
In response to TomislavT

How do you know users can authenticate in the first place? Did you check them somewhere else?

0 Kudos
TomislavT
Explorer
‎2022-06-14 11:34 PM
In response to _Val_

I didn't check if they can authenticate somewhere else since most of that is done via LDAP.
On 6400 that we have all users and groups are connected via LDAP and checked with Identity Awareness.

This 1590 is part of new network and management server and we want to make user locally and do authentication locally or via ISE because that whole network is isolated from our LAN.

Preview file
32 KB
Preview file
34 KB
Preview file
30 KB
Preview file
27 KB
0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2022-06-15 04:32 AM
In response to TomislavT

Contact TAC to get his resolved quickly !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
_Val_
Admin
Admin
‎2022-06-15 04:56 AM
In response to G_W_Albrecht

Second that. All settings look okay, please engage with TAC to fix this.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events