CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 5 of 5

Thread: Multiple domains, separate forests

  1. #1
    Join Date
    2010-07-17
    Posts
    37
    Rep Power
    0

    Default Multiple domains, separate forests

    I'm just in the process of renewing our support/subscriptions when up pops a notice saying we can get IA free. Great. However, I'm unsure whether it will be able to cope with our setup. Firstly, our setup is simple really. One gateway with 3 internal networks. Each network has it's own domain/forest. Can IA cope with multiple completely seperate forests, or it is limited to only work with multiple domains within a single forest. I know this is a new product so if no-one knows, I'll go have a chat with our supplier, who'll have a chat with checkpoint.

  2. #2
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    18

    Default Re: Multiple domains, separate forests

    You just need to define Multiple LDAP Account Units

    1st Accout Unit links to an LDAP Server on Network 1
    2nd Accout Unit links to an LDAP Server on Network 2
    3rd Accout Unit links to an LDAP Server on Network 3

    That way all 3 area's are covered on your network.

  3. #3
    Join Date
    2010-07-17
    Posts
    37
    Rep Power
    0

    Default Re: Multiple domains, separate forests

    Thanks for the info. Can't wait to give it a try, however I think I might wait till R75.1 comes out after reading some of the problems some people have had with R75.

  4. #4
    Join Date
    2007-07-16
    Location
    a land down under!
    Posts
    2,015
    Rep Power
    16

    Default Re: Multiple domains, separate forests

    So here's the other question - do you need the User Directory Blade at the management level for the AD integration to work?

  5. #5
    Join Date
    2005-08-29
    Location
    Upstate NY
    Posts
    2,720
    Rep Power
    18

    Default

    I don't think so but I'm double checking.

    Now confirmed. SD is not needed with IAB.
    Last edited by chillyjim; 2011-03-03 at 10:37. Reason: update

Similar Threads

  1. Same account in multiple domains
    By carfig in forum Mobile Access Blade (Formerly Connectra)
    Replies: 1
    Last Post: 2009-12-13, 19:56
  2. Replies: 2
    Last Post: 2008-06-05, 10:27
  3. Multiple VPN domains?
    By Reaper in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 4
    Last Post: 2008-04-10, 08:48
  4. Separate SmartCenter
    By ogayagoy in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 1
    Last Post: 2006-10-26, 22:54
  5. Creating Multiple Encryption Domains
    By Barry J. Stiefel in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 1
    Last Post: 2006-01-30, 13:19

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •