nflnetwork29
Advisor

how to configure ACL using LDAP user groups - externally managed gateway

Hi there, we have a Check Point Multi-Domain Server. One of our Domains/CMAs manages 12 gateways for externally connected sites.

So this means our MDS is in one physical location and all the customer's firewalls are in another location (multiple).

We are trying to figure out how we can use LDAP user groups in the Check Point policy.

How do we set up our management server to read the LDAP attributes from their on-premise Active Directory if we do not have any connectivity (besides gateway management via SIC trust)? Do we need a site-to-site VPN tunnel between our MDS and their on-premise Active Directory infrastructure?

What is the best way to do this?

0 Kudos
1 Reply
PhoneBoy
Admin

You can use an R80.20+ gateway as a proxy to read the AD server and create the relevant access roles.
See: https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_IdentityAwareness_AdminGuide...

0 Kudos