Managing Authentication Servers - Infinity CHECK POINT 1100 Administration Manual

Appliances centrally managed

Managing Authentication Servers

In the Authentication Servers page you can define and view authentication servers. An
authentication server defines both an external user database and the authentication method for
users in that database.
You can define these types of authentication servers:
• RADIUS server - Define the details of a primary and secondary RADIUS server. The Check
  Point Appliance can connect to these servers and recognize users defined in them and
  authenticated by them.
• Active Directory domain - Define the details of the Active Directory domain that contains your
  organization's user information. The User Awareness feature can use these details to provide
  seamless recognition of users for logging purposes and user-based policy configuration. The
  domain can also be used for VPN remote access user authentication. In that case, additional
  configuration is necessary in the VPN > Remote Access Users page.
To add a RADIUS server:
1. Click Configure.
2. In the Primary tab, enter this information:
   • IP address - The IP address of the RADIUS server.
     Note - 1100 appliances only support IPv4 addresses. 1200R and 1400 appliances support
     both IPv4 and IPv6 addresses.
   • Port - The port number through which the RADIUS server communicates with clients. The
     default is 1812.
   • Shared secret - The secret (pre-shared information used for message "encryption")
     between the RADIUS server and the Check Point Appliance. You cannot use these
     characters when you enter a password or shared secret: { } [ ] ` ~ | ' " # + \
   • Show - Displays the shared secret.
   • Timeout (seconds) - A timeout value in seconds for communication with the RADIUS
     server. The timeout default is 3 seconds.
3. Repeat step 2 for a Secondary RADIUS server if applicable.
   Note - If you want to remove information you entered in IP address and shared secret, you can
   click Clear.
4. Click Apply.
The primary and secondary servers (if defined) are added to the RADIUS section on the page.
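
A pre-flight check for the values entered in step 2, plus a generator for a random shared secret that avoids the characters the appliance rejects. This is an added example, not part of the Check Point guide or any Check Point tool. The function names, the 32-character secret length and the positive-timeout rule are assumptions; the forbidden characters, per-model IP support and defaults come from the steps above.

```python
import ipaddress
import secrets
import string

# Characters the guide says cannot appear in a password or shared secret.
FORBIDDEN = set("{}[]`~|'\"#+\\")
# Models that accept IPv6 server addresses, per the note in step 2.
IPV6_MODELS = {"1200R", "1400"}
# Candidate characters for generated secrets: printable ASCII minus FORBIDDEN.
ALPHABET = [c for c in string.ascii_letters + string.digits + string.punctuation
            if c not in FORBIDDEN]


def generate_secret(length=32):
    """Random shared secret (length is an assumption, not an appliance limit)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def check_radius_entry(model, ip, secret, port=1812, timeout=3):
    """Return a list of problems with one Primary/Secondary tab entry."""
    problems = []
    try:
        addr = ipaddress.ip_address(ip)
        if addr.version == 6 and model not in IPV6_MODELS:
            problems.append(f"{model} supports IPv4 server addresses only")
    except ValueError:
        problems.append(f"not a valid IP address: {ip!r}")
    if not 1 <= port <= 65535:
        problems.append(f"port {port} is outside 1-65535")
    if not secret:
        problems.append("shared secret is empty")
    bad = sorted(set(secret) & FORBIDDEN)
    if bad:
        problems.append("shared secret contains forbidden characters: " + " ".join(bad))
    if timeout <= 0:  # assumption: the guide gives only the default (3 seconds)
        problems.append("timeout must be a positive number of seconds")
    return problems


if __name__ == "__main__":
    # Constructed sample entries (documentation addresses, not real servers).
    planned = [
        ("1100", "192.0.2.10", generate_secret()),
        ("1100", "2001:db8::10", "s3cret#1"),
        ("1400", "2001:db8::10", "p|pe+plus"),
    ]
    for model, ip, secret in planned:
        print(model, ip, check_radius_entry(model, ip, secret) or "ok")
```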
RADIUS servers can be used for:
• Defining a database of users with remote access privileges. Such users are both defined and
  authenticated by the RADIUS server.
• Defining administrators. See the Users & Objects > Administrators page.
To edit a RADIUS server:
1. Click the IP address link of the RADIUS server you want to edit.
2. Make the necessary changes.
3. Click Apply.
The changes are updated in the RADIUS server.
Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.70