Security

Hi All

Currently i try to integrate some identity awareness for checpoint with clearpass, the aim of this integration is to get know user id and ip from radius that given on clearpass, currently i follow the step Technote CPPM Third party enforcement 1.3, i get confused on where i can get the url api link from clearpass for checkpoint.

Clearpass Version ClearPass Policy Manager 6.5

and checkpoint verison R80.10

Thanks for your information sir :)

Hi,

The URLs for R80 are

- "/_IA_API/v1.0/add-identity" for Check Point Login

- "/_IA_API/v1.0/delete-identity" for Check Point Logout

Everything else is the same as the guides already published.

Also, under R80 "Identity Awareness" tab, there is a new Identity API setting you should enable, instead of using the "Terminal Server Agent". Make sure you enable the API access on the Checkpoint interface you will target,  under "Accessibility".

Unfortunatelly I no longer have access to a CheckPoint, but as far as I remember this was all that was needed.

Regards

Hi Ricard

by ur reply ist should be like on the attachment ?, i already did all of the command from the technote but still fail,

Are you using a distributed deployment? If so, are you pointing ClearPass to the Management server or the gateway for the context server?

Thanks for sharing useful information with us.. It really helpful to me..I always prefer to read the quality content and this thing I found in you post. thanks for sharing with us.. Tell Dunkin

For a distributed Check Point deployment  set the context server IP in CPPM to the firewall, and if the firewalls are in a cluster use the VIP.

 Also don't forget to configure profiling, which was my mistake.