Hello. I'm pretty new to Checkpoint and am looking to configure our firewalls so that a number of users (in an AD group hopefully) can use their RSA fobs to authenticate to the web GUI as well as through SSH. We are using ver. 77.30 and currently login the Checkpoint servers via a local account and shared password.
We currently authenticate our VPN connections using this method (pin and one-time code) as the RSA servers are setup as RADIUS servers, so I don't feel like there is much to do. I'm coming up short however in finding a doc that incorporates both the Checkpoint side configuration changes as well as the RSA side. So far, in RSA, I've added one Checkpoinnt server as a client. On the firewall itself I went to authentication manager and added one of the RSA servers as a RADIUS server.
I'm pretty sure I'll have to at least do two more things. 1) create a firewall rule to allow traffic over the default port and 2) copy the sdconf.rec file to /var/ace. Any guidance or links to a document outlying this is appreciated.