
Identity Awareness over VPN - Same user in different Domains

I have a case with a customer.

We integrate Active Directory servers by creating an LDAP account unit. Domain user authentication is done through a VPN Check Point mobile client.
When a client connects to a domain that is registered with Check Point, everything is normal. Their respective logs are generated in SmartConsole and everything is ok.

The problem arises when there are several users who have a user with the same name in one domain and registered with the same name in another subdomain.
For example:

The priority of is set to 1, and the priority of is set to 5.
When the user enters his username JonhDoe, he manages to access the that has lower priority, when he should access

Is there a way that the user can choose which domain he wants to connect to from the VPN client?
For example, have the user enter or and from there it is determined which domain it will access?

We have an SMS and Firewall cluster on version R80.30.

0 Kudos
1 Reply

What version of client?
What authentication mechanism is being used?
I would think you could specify the full username (user@sub.dom.ain) as part of the authentication process.

0 Kudos