CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 3 of 3

Thread: LDAP and SecurID

  1. #1
    Join Date
    2007-03-12
    Posts
    8
    Rep Power
    0

    Default LDAP and SecurID

    Currently we have setup LDAP (Windows AD) for client authentication. I already create LDAP groups and have the rules in place.

    We are going to implement Remote Access VPN using SecurID with Windows AD account/password to authentication. So the user name will be the same in both LDAP and SecurID authentication. From the checkpoint document, the gateway will retrieve information in the following step:
    1. The first place that is queried is the internal database.
    2. If the specified user is not defined in this database, it will use LDAP (SmartDirectory).
    3. If the information still cannot be found, the gateway uses the external users template (which also how SecurID use it to authentication).

    So when a remote access request comes in, the gateway will alway try the LDAP first so the SecurID won't never be used. Is that true? If so, how can I achieve the remote access VPN authentication? All my firewalls are VPN-1 Power NGX R65

    PS. I know that in the LDAP Account Unit Authentication tab, there is a scheme for securID. Should I uncheck that?
    Last edited by cantoron; 2010-05-31 at 13:48.

  2. #2
    Join Date
    2007-03-12
    Posts
    8
    Rep Power
    0

    Default Re: LDAP and SecurID

    Let me make it more clear:

    Let's say I have two group in the AD, one is PW_Group, the other is SecurID_Group. Is that possible to configure the firewall that users in pw_group use only username/password for authentication, and users in securid_group use only securid for authentication?

  3. #3
    Join Date
    2012-01-23
    Posts
    1
    Rep Power
    0

    Default Re: LDAP and SecurID

    Hi Cantoron,

    Are you able to achieve this like, 2 group one use AD authentication and one use SecurID.
    I am also looking for this option.

    Nomi


    Quote Originally Posted by cantoron View Post
    Let me make it more clear:

    Let's say I have two group in the AD, one is PW_Group, the other is SecurID_Group. Is that possible to configure the firewall that users in pw_group use only username/password for authentication, and users in securid_group use only securid for authentication?

Similar Threads

  1. Connectra LDAP with two LDAP account units
    By loudermi in forum Mobile Access Blade (Formerly Connectra)
    Replies: 1
    Last Post: 2009-12-13, 19:59
  2. Connectra R62CM and SecurID
    By netshaman in forum Mobile Access Blade (Formerly Connectra)
    Replies: 2
    Last Post: 2008-10-08, 11:38
  3. P-1 and RSA SecurID authentication
    By cciesec2006 in forum Provider-1 (Multi-Domain Management)
    Replies: 4
    Last Post: 2007-11-29, 11:01
  4. Securid with L2tp and ngx
    By moalmoe in forum Authentication
    Replies: 5
    Last Post: 2007-07-04, 04:41
  5. What is SecurID?
    By roadrunner in forum Authentication
    Replies: 1
    Last Post: 2006-02-16, 19:35

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •