Appliance Configuration
Check Point 1400 Appliances Centrally Managed Administration Guide R77.20.85 | 87
FreeRADIUS server for non-local appliance users:
1. Create the dictionary file dictionary.checkpoint in /etc/freeradius/ on the RADIUS server:
   #
   # Check Point dictionary file for freeradius AAA server
   #
   VENDOR CheckPoint 2620
   ATTRIBUTE CP-Gaia-User-Role 229 string CheckPoint
   ATTRIBUTE CP-Gaia-SuperUser-Access 230 integer CheckPoint
2. Add to /etc/freeradius/dictionary the line:
   $INCLUDE dictionary.checkpoint
3. Add this Check Point Vendor-Specific Attribute to users in your RADIUS server user configuration file:
   CP-Gaia-User-Role = <role>
   Where <role> is the name of the administrator role that is defined in the WebUI.

   Administrator Role    Value
   Super Admin           adminRole
   Read only             monitorrole
   Networking Admin      networkingrole
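Added example (not part of the Check Point guide): a Python decoder for checking what a RADIUS reply carries for these attributes. It uses the standard RFC 2865 Vendor-Specific layout (attribute type 26, 4-byte vendor ID, then sub-attribute type, length and value) with vendor 2620 and attributes 229 and 230 from the dictionary above. The function names and the sample bytes are constructed for illustration.

```python
import struct

VENDOR_SPECIFIC = 26            # RFC 2865 attribute type for VSAs
CHECKPOINT_VENDOR_ID = 2620     # VENDOR CheckPoint 2620
CP_GAIA_USER_ROLE = 229         # string
CP_GAIA_SUPERUSER_ACCESS = 230  # integer
KNOWN_ROLES = {"adminRole", "monitorrole", "networkingrole"}  # role table values


def encode_vsa(vendor_type, value):
    """Build one Vendor-Specific attribute with a single Check Point sub-attribute."""
    data = struct.pack("!I", value) if isinstance(value, int) else value.encode()
    sub = bytes([vendor_type, 2 + len(data)]) + data
    return bytes([VENDOR_SPECIFIC, 6 + len(sub)]) + struct.pack("!I", CHECKPOINT_VENDOR_ID) + sub


def decode_checkpoint_vsas(attrs):
    """Walk a RADIUS attribute list and return the Check Point VSAs it carries."""
    found, pos = {}, 0
    while pos < len(attrs):
        if len(attrs) - pos < 2:
            raise ValueError("truncated attribute header")
        a_type, a_len = attrs[pos], attrs[pos + 1]
        if a_len < 2 or pos + a_len > len(attrs):
            raise ValueError("bad attribute length")
        body = attrs[pos + 2:pos + a_len]
        pos += a_len
        if (a_type != VENDOR_SPECIFIC or len(body) < 4
                or struct.unpack("!I", body[:4])[0] != CHECKPOINT_VENDOR_ID):
            continue  # not a Check Point VSA
        sub = body[4:]
        while len(sub) >= 2:
            v_type, v_len = sub[0], sub[1]
            if v_len < 2 or v_len > len(sub):
                raise ValueError("bad vendor sub-attribute length")
            val, sub = sub[2:v_len], sub[v_len:]
            if v_type == CP_GAIA_USER_ROLE:
                found["CP-Gaia-User-Role"] = val.decode()
            elif v_type == CP_GAIA_SUPERUSER_ACCESS and len(val) == 4:
                found["CP-Gaia-SuperUser-Access"] = struct.unpack("!I", val)[0]
    return found


def role_is_known(found):
    """Hypothetical check: is the returned role one of the values in the role table?"""
    return found.get("CP-Gaia-User-Role") in KNOWN_ROLES


# Constructed sample: a Reply-Message attribute followed by the role VSA.
SAMPLE = bytes([18, 4]) + b"ok" + encode_vsa(CP_GAIA_USER_ROLE, "monitorrole")
```

A role string that does not exactly match a value in the table (for example a different letter case) is reported as unknown by role_is_known, which makes typos in the users file visible before they reach the appliance.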
OpenRADIUS server for non-local appliance users:
1. Create the dictionary file dict.checkpoint in /etc/openradius/subdicts/ on the RADIUS server:
   # Check Point Gaia vendor specific attributes
   # (Formatted for the OpenRADIUS RADIUS server.)
   # Add this file to etc/openradius/subdicts/ and add the line
   # "$include subdicts/dict.checkpoint" to etc/openradius/dictionaries
   # right after dict.ascend.
   $add vendor 2620 CheckPoint
   $set default vendor=CheckPoint
       space=RAD-VSA-STD
       len_ofs=1 len_size=1 len_adj=0
       val_ofs=2 val_size=-2 val_type=String
       nodec=0 noenc=0
   $add attribute 229 CP-Gaia-User-Role
   $add attribute 230 CP-Gaia-SuperUser-Access val_type=Integer val_size=4