Manualshelf

Technical data

ManualsBrandsCheck Point Software Technologies ManualsNetworkingVSX-1 3070
61626364656667686970
Configuring VSX
Check Point VSX Administration Guide NGX R67 | 66
CLIENT_IP=<Virtual System cluster IP>
3. Perform cpstop/cpstart.
Perform the following procedure on all cluster members:
4. Open the /etc/services file for editing.
5. Add the following lines:
securid 5500/udp
securidprop 5510/tcp
The Effect of Upgrading on Authentication Processes
An existing Virtual System that has been upgraded to the current version, receives the default settings
for authentication with external servers.
If the Virtual System was originally created on a management server located on the same network
segment as the external authentication server, connectivity may be lost until the "private" option is
enabled.
Client/Session Authentication
VSX supports the following client/session authentication schemes:
Client authentication over TELNET (on port 259)
Client authentication over HTTP/HTTPS (on port 900)
For a complete description of these features, see the R75 IPS Administration Guide
(http://supportcontent.checkpoint.com/documentation_download?ID=11663).
VSX Limitations
User authentication is not supported
The following client authentication methods are not supported in VSX environments:
Partially automatic
Fully automatic
Single Sign-on (UserAuthority)
Configuring Client/Session Authentication
In a VSX environment, you configure Client/Session authentication settings by manually editing the
$FWDIR/conf/cpauthd.conf file, located on the VSX Gateway.
Note - This procedure differs configuring client/session authentication
for physical security gateways.
You must configure client/session for the VSX Gateway. These settings apply, by default, to all Virtual
Systems located on the gateway.
You can optionally configure client/session authentication for specific Virtual Systems. Virtual System
specific settings override the default settings for that Virtual System only. Virtual Systems that do not have
their own settings inherit the default settings.
Configuring Authentication for the VSX Gateway
To configure client/session authentication for the VSX Gateway:
1. Backup $FWDIR/conf/cpauthd.conf .