Appliance Configuration
Check Point 1400 Appliances Centrally Managed Administration Guide R77.20.85 | 99
To set the Session Timeout value for both local and remotely defined administrators:
1. Click Security Settings.
   The Administrators Security Settings window opens.
2. Configure the session timeout (maximum time period of inactivity in minutes). The maximum value is 999 minutes.
3. To limit login failure attempts, click the Limit administrators login failure attempts checkbox.
4. Enter the number of Maximum consecutive login attempts allowed before an administrator is locked out.
5. In Lock period, enter the time (in seconds) that must pass before a locked out administrator can attempt to log in again.
6. To enforce password complexity on administrators, click the checkbox and enter the number of days for the password to expire.
7. Click Apply.
Note - This page is available from the Device and Users & Objects tabs.
Configuring a RADIUS Server for non-local Check Point Appliance users:
Non-local users can be defined on a RADIUS server and not in the Check Point Appliance. When a
non-local user logs in to the appliance, the RADIUS server authenticates the user and assigns the
applicable permissions. You must configure the RADIUS server to correctly authenticate and
authorize non-local users.
Note - The configuration of the RADIUS Servers may change according to the type of operating
system on which the RADIUS Server is installed.
Note - If you define a RADIUS user with a null password (on the RADIUS server), the appliance
cannot authenticate that user.
To configure a Steel-Belted RADIUS server for non-local appliance users:
1. Create the dictionary file checkpoint.dct on the RADIUS server, in the default dictionary directory (that contains radius.dct). Add these lines to the file:
   @radius.dct
   MACRO CheckPoint-VSA(t,s) 26 [vid=2620 type1=%t% len1=+2 data=%s%]
   ATTRIBUTE CP-Gaia-User-Role CheckPoint-VSA(229, string) r
   ATTRIBUTE CP-Gaia-SuperUser-Access CheckPoint-VSA(230, integer) r
2. Add the following lines to the vendor.ini file on the RADIUS server (keep in alphabetical order with the other vendor products in this file):
   vendor-product = Check Point Appliance
   dictionary = nokiaipso
   ignore-ports = no
   port-number-usage = per-port-type
3. Add to the dictiona.dcm file the line:
   “@checkpoint.dct”
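The MACRO line in checkpoint.dct describes a standard RADIUS Vendor-Specific Attribute (type 26, vendor ID 2620) that carries sub-attributes 229 and 230. The following Python sketch is an added example, not part of the Check Point guide: it encodes and decodes that layout so the attributes a RADIUS server returns can be checked, for instance in a packet capture. The function names and the sample role and access values are assumptions constructed for illustration.

```python
import struct

VENDOR_SPECIFIC = 26   # RADIUS attribute type carrying VSAs (RFC 2865)
CHECKPOINT_VID = 2620  # vid=2620 from the MACRO line in checkpoint.dct
SUB_ATTRS = {          # the two ATTRIBUTE lines in checkpoint.dct
    229: ("CP-Gaia-User-Role", "string"),
    230: ("CP-Gaia-SuperUser-Access", "integer"),
}

def encode_vsa(sub_type, value):
    """Build one type-26 attribute holding a single Check Point sub-attribute."""
    kind = SUB_ATTRS[sub_type][1]
    data = struct.pack("!I", value) if kind == "integer" else value.encode()
    sub = bytes([sub_type, len(data) + 2]) + data  # len1=+2: type + length octets
    body = struct.pack("!I", CHECKPOINT_VID) + sub
    return bytes([VENDOR_SPECIFIC, len(body) + 2]) + body

def split_tlvs(buf):
    """Yield (type, value) pairs from type/length/value records; reject bad lengths."""
    i = 0
    while i < len(buf):
        if len(buf) - i < 2 or buf[i + 1] < 2 or i + buf[i + 1] > len(buf):
            raise ValueError("malformed length at offset %d" % i)
        yield buf[i], buf[i + 2:i + buf[i + 1]]
        i += buf[i + 1]

def decode_checkpoint_vsas(attrs):
    """Return {name: value} for Check Point VSAs found in a RADIUS attribute list."""
    found = {}
    for a_type, body in split_tlvs(attrs):
        if a_type != VENDOR_SPECIFIC or len(body) < 4:
            continue
        if struct.unpack("!I", body[:4])[0] != CHECKPOINT_VID:
            continue  # another vendor's VSA
        for s_type, data in split_tlvs(body[4:]):
            if s_type not in SUB_ATTRS:
                continue
            name, kind = SUB_ATTRS[s_type]
            if kind == "integer":
                if len(data) != 4:
                    raise ValueError(name + " must be 4 octets")
                found[name] = struct.unpack("!I", data)[0]
            else:
                found[name] = data.decode()
    return found

# Constructed sample: attribute section of an Access-Accept (values are made up).
SAMPLE = encode_vsa(229, "example-role") + encode_vsa(230, 1) + bytes([1, 5]) + b"bob"
```

Calling decode_checkpoint_vsas(SAMPLE) returns both Check Point attributes and skips the unrelated User-Name attribute; a truncated buffer raises ValueError instead of being partially parsed.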