- To integrate with Check Point we can use LigthSpeed module available in Extreme Connect. The configution file:
/usr/local/Extreme_Networks/NetSight/wildfly/standalone/configuration/connect/LightSpeedHandler.xmlThe content of the file can be adjusted = the module will de displayed as “CheckPointRSSO”:
- Server = IP address or FQDN of the Check Point firewall.
- Password = Shared Secret for radius communication from ExtremeCloud IQ - Site Engine to Check Point.
- Module enabled = True
- Radius interim message interval should be lower then timeout configured on Check Point
- In the Check Point SmartConsole double click on your firewall blade and check the Identity Awareness.
- Identity Awareness menu check RADIUS Accounting and click on Settigngs...
- The Radius Accounging should be configured as follows...
- Authorized Radius Client is ExtremeCloud IQ - Site Engine.
- Shared Secret must match the one configured in the Extreme Connect module password.
- Session Timout should be longer then interrim update configured in Extreme Connect.
- Message Attribute Indices shoudl be configured properly.
- In the Check Point SmartConsole double click on your firewall blade and check the Identity Awareness.
- Users or groups you want to use in your rules. You can open Object Explorer by CTRL+E.
- In the Check Point Smart Console use objects defined earlier in the Object Explorer.
The software is provided as-is and Extreme Networks has no obligation to provide maintenance, support, updates, enhancements, or modifications. Any support provided by Extreme Networks is at its sole discretion.
Issues and/or bug fixes may be reported on The Hub.
Be Extreme