What about using the MS AD user group a user belongs to in access rules? During initial setup for Mobile Access I said that I don't want to use AD integration. Do I need a User Directory license if I just want to enable remote VPN authentication against AD? There isn't any MS AD management from the Check Point side, just querying AD for user presence and whether the password is valid.
I need to move to authenticating users against Microsoft AD and also to use the AD user group a user belongs to in MS AD in access rules for remote access VPN - i.e. local users are also assigned to user groups, and user groups are assigned to user roles that are used in access rules to distinguish what users can and cannot access. We are using the Check Point Mobile for Windows client and presently users are created locally. We are on R80.10 version SMS and gateways. IPsec VPN, Mobile Access and Identity Awareness blades are enabled. I am totally lost in the number of somewhat conflicting documentation and community topics and would be grateful if you can help me.