Who rated this post

We are setting up RADIUS from a 9100 LOM (R81.20 Take 65 Recommended)

LOM details: Hardware Revision 1.0
Firmware Version 7.12.1 (latest)
Firmware Build Time
 Feb 16 2024 | 11:50:40 CST
LOM Board IAC-AST2500

Our Policy server gets the request approves it and, on the response, back the LOM does not seem to know what to do with it and get a login denied.

Based on this guide we have setup correctly: Introduction (checkpoint.com)

But what is missing as a reply back from the RADIUS server is the privilege level.  In the Java guide there is note on how to configure that using:

1. On the RADIUS server, set Reply-Message for the privilege for each user in the User file. Otherwise, LOM rejects the user account. The parameter in the file that defines privileges for LOM user is: Reply-Message = "privilege=<LEVEL>". Make sure that there are no blank spaces in the privilege parameter.

   The privilege levels are:

   Administrator Operator

   No-Access (user cannot log in to LOM)

   Sample parameter for a user with administrator privileges:

   Reply-Message = "privilege=Administrator" User Settings (checkpoint.com)

However, there is no such setting called out for the HTML5 guide.  We tried using "privilege=Administrator" (with and without quotes) no avail.  We do see the RADUIS server accepting and approving the request.

A ticket is into support but wondering if anyone else has been successful.