07 Identity Awareness Lab PDF
R80.10 Training
(revised: September 14, 2018)
©2018
©2016 Check Point Software Technologies Ltd. [Confidential] For designated groups and individuals 1
Identity Awareness Lab
Lab topology (from the network diagram)
Networks:
• External Network: 192.168.103.x
• Internal Network: 192.168.101.x
• DMZ Network: 192.168.102.x
Hosts:
• Kali (Pen Test Tool): IP 192.168.103.100, User: root/Cpwins1!, Default Gtwy: 192.168.103.254
• Internal Client (Win-Victim): IP 192.168.101.100, User: jroberts/Cpwins1!, Default Gtwy: 192.168.101.254
• Management & Gateway (R80): Eth0: 192.168.101.254, Eth1: 192.168.102.254, Eth2: 192.168.103.254, User: admin / Cpwins1!, GUI: admin / Cpwins1!, Default Gtwy: 192.168.103.2
• Endpoint Management (EndpointServer): IP 192.168.101.165, User: admin/Cpwins1!, Default Gtwy: 192.168.101.254
• Ubuntu Web Server: IP 192.168.102.5, User: admin/Cpwins1!, Default Gtwy: 192.168.102.254
• Active Directory (Win-DC): IP 192.168.102.2, User: Administrator /Cpwins1!, Domain: LAB.TEST, Default Gtwy: 192.168.102.254
DNS server addresses appearing in the diagram: 192.168.102.2, 8.8.8.8, 127.0.1.1, 192.168.103.2.
Three of the VMs are marked "VMware: suspend" in the diagram.
Enable Identity Awareness
• Click Connect.
Note: If you receive an Error, click Connect one more time. Sometimes the first connection attempt is
dropped in a VM environment. Verify the connection with a ping to 192.168.102.2.
• Notice the default is set to access the portal only through internal interfaces.
• Identity Awareness is Now Active! appears.
• Click Finish.
• Click OK.
• In rules with access roles, you can add a property in the Action
field to redirect traffic to the Captive Portal. If this property is
added, when the source identity is unknown and traffic is HTTP,
the user is redirected to the Captive Portal. If the source identity
is known, the Action in the rule (Allow or Block) is enforced
immediately and the user is not sent to the Captive Portal.
• Select More.
New
• Notice that you can toggle the icons in the upper right to show just users.
• We could create a specific role, but for this lab select Any User and click OK.
• Password: Cpwins1!
• From Expert Mode, type the following command and press Enter:
# pdp monitor all | more
Identity Awareness Best Practices
SecureKnowledge sk88520