CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We've already had our first sign-ups!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 6/9, 7/14, 8/25, 10/6, 11/3, 12/8.
3. We have new forums in Portuguese and German (see below).
4. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
5. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Authentication
Reload this Page Combine Radius/SecureID with LDAP
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2008-01-31
scorpion scorpion is offline
Junior Member
  
Join Date: 2008-01-24
Posts: 4
scorpion has an average reputation (10+)
Default Combine Radius/SecureID with LDAP
I would like to have a combination of Authentication oppertunities for my end users.

Who mainly come via SecureRemote and Connectra

For my connectra i want to be able to give low level access based on LDAP
ie. publish a website or give them only access on one tcp port with the pupose of synchronizing some info

Then i also want to be able to log people in via SecureID and give them higher access (full vpn)

The problem is that both in Active Directory and Radius i have the same usernames

so when someone logs in with their radiuspin+tokencode.. the AD will say wrong password.

I want after trying to LDAp/AD the connectra to check if the password is right for Radius/secureid

is this possible?

Thanks alot!!!
Reply With Quote
  #2 (permalink)  
Old 2008-01-31
Thorpuse Thorpuse is offline
Senior Member
  
Join Date: 2007-07-16
Posts: 279
Thorpuse has an average reputation (10+)
Default Re: Combine Radius/SecureID with LDAP
Can you use different authentication realms e.g.

Radius
user@radius.domain.com

LDAP
user@ldap.domain.com

?

Unless you can set up unique identifiers, there's nothing you can do here. CP does not have the concept of layered authentication methods. You would have to manage this outside of the Smartcenter setup.
Reply With Quote
  #3 (permalink)  
Old 2008-02-14
scorpion scorpion is offline
Junior Member
  
Join Date: 2008-01-24
Posts: 4
scorpion has an average reputation (10+)
Default Re: Combine Radius/SecureID with LDAP
IS there anyway to prioritise ldap over secureid or visa versa?

If i could do it like this it would be great:

loginfield:
Username
Authentication Method: Secureid

loginfield:
Username@domain.com
Authenitication Method: LDAP

so that means that when my ldap domain name is spescified it goes to LDAP if only a username is supplied it goes to Secureid.

That would be a great solution for my situation
Reply With Quote
Reply

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -7. The time now is 16:33.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0