Appliance Configuration
Check Point 1400 Appliances Centrally Managed Administration Guide R77.20.85 | 101
OpenRADIUS
server for non-local appliance users:
1.
Create the dictionary file dict.checkpoint in
/etc/openradius/subdicts/
on the RADIUS server:
# Check Point Gaia vendor specific attributes
# (Formatted for the OpenRADIUS RADIUS server.)
# Add this file to etc/openradius/subdicts/ and add the line
# "$include subdicts/dict.checkpoint" to etc/openradius/dictionaries
# right after dict.ascend.
$add vendor 2620 CheckPoint
$set default vendor=CheckPoint
space=RAD-VSA-STD
len_ofs=1 len_size=1 len_adj=0
val_ofs=2 val_size=-2 val_type=String
nodec=0 noenc=0
$add attribute 229 CP-Gaia-User-Role
$add attribute 230 CP-Gaia-SuperUser-Access val_type=Integer
val_size=4
Add the line
$include subdicts/dict.checkpoint
to
/etc/openradius/dictionaries
immediately after dict.ascend
Add this Check Point Vendor-Specific Attribute to users in your RADIUS server user
configuration file:
CP-Gaia-User-Role =
<role>
Where
<role>
is the name of the administrator role that is defined in the WebUI.
Super Admin adminRole
Read only monitorrole
Networking Admin networkingrole
To log in as a Super User:
A user with super user permissions can use the Check Point Appliance shell to do system-level
operations, including working with the file system.
Connect to the Check Point Appliance platform using an SSH client or serial console client.
Log in to the Clish shell using your user name and password.
Run Expert
Enter the expert password.
To Next Page
Loading...
