This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Arskaz
Contributor
‎2023-08-14 07:08 AM

portal_dual_stack

Hi!

I'm just debugging a case, where using AD Query and Identity Collector do not show both IPv6 and IPv4 addresses of all workstations at the gw's pdp/pep and then some rules are not enforced correctly.

For some users, for example only IPv6 address is shown.

(And yes, workstation has address from both families.)

There is no much information about this. One sk tells, that when using Identity agent, there is a hotfix for that. But we are not using Identity agent.

pep manual has one reference to dual stack:

pep control portal_dual_stack <option>, where option= enable or disable

Does anyone have an idea, what is the actual effect of that option? Portal? Not explainen in manual.

And also would be grateful, if somebody has hints to the root cause of my challenge.

Could AD restrict full information of some workstations not to be delivered?

From pepd.elg and pdp.elg I can find only lines containing the IPv6 related stuff of the problematic user. For working ones I see both IPv4 and IPv6 references.

 

BR, A

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2023-08-14 05:19 PM

Wait, you're using both AD Query AND Identity Collector in the same environment?
What version/JHF are the gateways and management?
In any case, we may not be getting the information from AD through either method...or it's getting lost in translation.
This will probably require TAC assistance to troubleshoot: https://help.checkpoint.com

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events