Configure Check Point optional settings

Check Point supports two optional settings. Client IP Reporting and Groups response.

Configure Client IP Reporting

To configure Okta to be able to parse, report on and eventually enforce policy based off of the source client IP Address you need to configure the Check Point (RADIUS) app in Okta as follows:

Enter the following settings in Advanced RADIUS Settings found on the Sign On tab for the Radius app in your Okta Admin Console

  • Client IP: Check Report client IP.
  • RADIUS End User IP Attributes: 66 Tunnel-Client-Endpoint

Configure Groups Response

Check Point can use group information from Okta to make advanced assignment and policy decisions.

To configure Okta to send Radius Group information to Check Point:

 

Enter the following settings in Advanced RADIUS Settings found on the Sign On tab for the Radius app in your Okta Admin Console, as shown below.

  • RADIUS Attribute: 25 Class
  • Group memberships to return Select Groups to Return
  • Response format: Repeating attributes

  • Group name format: ${group.name}