
VPN client authentication with legacy user and LDAP user

I have configured two access rules for VPN clients with Check Point Mobile for the remote access community. One allows access to a legacy user group and the other gives access to an LDAP group; both work very well.

But in Office Mode I had to give access to all users, since I cannot specify a group: it does not allow me to create a group that includes legacy and LDAP users. This means that all my AD users (whether or not they are in the rule's AD group) can connect with the Check Point Mobile client and are given an IP, even though the rules later block their traffic because they are not in the allowed group.

I want users who are not in the specific AD group not to be given Office Mode, without affecting my legacy users.

Any ideas?

I have my management and my gateway in R80.10.

1 Reply

Are the legacy users also part of LDAP somehow?
Why not put those specific users in an LDAP group?
Then you're using LDAP for everything.