Remote clients are using IPSec VPN to authenticate via LDAP server to connect to the organization. Which gateway process is responsible for the authentication?
A. fwm
B. fwd
C. vpnd
D. cvpnd
5 Comments on “Which gateway process is responsible for the authentication?”
Timsays:
C
0
0
Tobisays:
I assume D.
0
0
Vladsays:
C is correct.
vpnd is responsible for IPSecVPN
cvpnd is responsible for Mobile Access.
* Remote Access VPN Authentication fails with the “Access denied – wrong user name or password” error after upgrade of Security Management Server / Multi-Domain Security Management Server.
* SmartView Tracker logs show: “reason: Client Encryption: User unknown.”
* Debug of VPND daemon (per sk89940) shows:
* * create_interesting_group: Found NUMBER relevant groups. Sorting and removing duplicates, APNs and All Users
* * create_interesting_group: au_prepare_groups failed to create interesting_groups
Cause:
VPND daemon tries to validate all the objects in the “Participant user groups” of the Remote Access Community.
If the object VPN-1 Embedded devices defined as Remote Access is included, VPND fails and no Remote Access user can authenticate.
C
0
0
I assume D.
0
0
C is correct.
vpnd is responsible for IPSecVPN
cvpnd is responsible for Mobile Access.
0
0
Answer : vpnd
sk97638
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638
vpnd: description :
* IKE (UDP/TCP)
* NAT-T
* Tunnel Test
* Reliable Datagram Protocol (RDP)
* Topology Update for SecureClient
* SSL Network Extender (SNX)
* SSL Network Extender (SNX) Portal
* Remote Access Client configuration
* Visitor Mode
* L2TP
sk98256
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk98256
Symptoms:
* Remote Access VPN Authentication fails with the “Access denied – wrong user name or password” error after upgrade of Security Management Server / Multi-Domain Security Management Server.
* SmartView Tracker logs show: “reason: Client Encryption: User unknown.”
* Debug of VPND daemon (per sk89940) shows:
* * create_interesting_group: Found NUMBER relevant groups. Sorting and removing duplicates, APNs and All Users
* * create_interesting_group: au_prepare_groups failed to create interesting_groups
Cause:
VPND daemon tries to validate all the objects in the “Participant user groups” of the Remote Access Community.
If the object VPN-1 Embedded devices defined as Remote Access is included, VPND fails and no Remote Access user can authenticate.
0
0
C. vpnd
0
0