CheckPoint VPN-1 Edge, RADIUS & Server 2003
#1
Scooby Regular
Thread Starter
CheckPoint VPN-1 Edge, RADIUS & Server 2003
We have a VPN-1 Edge firewall with around 20 remote VPN users. I'd like to avoid creating and managing all the users and passwords, so I was wondering if there was a way of authenticating user logins with their existing Active Directory accounts via RADIUS.
Anyone know if this can be done with this level of kit?
Stefan
Anyone know if this can be done with this level of kit?
Stefan
#3
Scooby Regular
Thread Starter
Managed to figure it out. Firewall is basic to setup and IAS installs easily enough. You can then see the requests in the event log.
If anyone is even remotely interested I had to register the new IAS box in AD (just installing it on a DC isn't enough ). Then had to create a remote access policy to match the group membership for the user and set the authentication protocol to match the RADIUS proxy request from the firewall.
It's pretty simple once you know how
Stefan
If anyone is even remotely interested I had to register the new IAS box in AD (just installing it on a DC isn't enough ). Then had to create a remote access policy to match the group membership for the user and set the authentication protocol to match the RADIUS proxy request from the firewall.
It's pretty simple once you know how
Stefan
#4
Scooby Regular
Join Date: Nov 2001
Location: Leeds - It was 562.4bhp@28psi on Optimax, How much closer to 600 with race fuel and a bigger turbo?
Posts: 15,239
Likes: 0
Received 1 Like
on
1 Post
Im presuming you discovered the "RAS and IAS users group" and added the computer account of the machine running IAS into the group?
#5
Scooby Regular
Thread Starter
There's an option under the IAS management called "register server in Active Directory". AFAIK, that's the bit which automatically sorts out the permissions for the RAS and IAS security group for that server.
Stefan
Stefan
Thread
Thread Starter
Forum
Replies
Last Post
Sub-Subaru
General Technical
1
28 September 2015 12:47 PM