How To's - Configure the SmartConsole Administrator with ISE as the Authentication Server

Hi there,

In this post, we are going to create an administrator account for Homer and Bart in SmartConsole, using ISE as the authentication server.

This lab assumes you already have an AD, ISE and a Check Point distributed deployment in place. If you want to deploy a similar solution, please read my previous posts (or watch The Simpsons :-).

Hajime!

You should create 2 users:

• homer.simpson in AD
• bart.simpson in ISE

Then let’s configure ISE, by adding the Security Management Server as NAD in Administration > Network Resources > Network Devices > Add

Next, confirm that your authentication and authorization rules will allow access.

Moving on to the SmartConsole, let's create an object representing ISE by going to New > Host...

Now let's create a RADIUS server in New > More > Server > Radius...

Enter the name to define the RADIUS server. For Host, select the node defined in previous step. Set the Service as Radius. Enter the Shared Secret configured on ISE. Select the Version as RADIUS Ver. 1.0. Set the Protocol type as PAP. Leave the Priority set to the default value of 1 (highest priority) and publish the changes.

Now let's create the new Administrators in the Users and Administrators menu.

Enter the administrator name and select the Permissions Profile > Super User.

Set the Authentication Method as RADIUS.

Note: Give the same administrator the name that is defined on AD and ISE.

Finally Install Database.

Now let's try log in using the new accounts.

User: homer.simpson

User: bart.simpson

And we configured successfully two administrator accounts in SmartConsole using ISE as the authentication server.

I hope you enjoyed this post, leave your comments below and I'll see you on the next one.

Reference:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk40697