Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2024
Views
5
Helpful
2
Replies

Cisco Integration with Checkpoint Identity Collector

Go to solution
m.bettridge1
Level 1
Level 1

‎01-09-2019 03:04 AM

Hi, we are trying to get our Cisco ISE to integrate with the Checkpoint Identity Collector but have encountered an issue in that the smart collector will only ever see the Cisco ISE PSN node as 'Disconnected'.

 

There appears to be well documented guides for deploying the checkpoint identity collector with Active Directory and with ISE from the checkpoint side but no guides out there for configuring it from the Cisco ISE side.

 

Any help would be much appreciated.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jeppich
Cisco Employee
Cisco Employee

‎01-09-2019 02:07 PM

Hi,

 

It appears that you have a certificate issue between Checkpoint & the ISE pxGrid node.

 

How do you have ISE deployed and which version are you using?  If you are just using the ISE internal CA with 2.2, please see: https://community.cisco.com/t5/security-documents/using-ise-2-2-internal-certificate-authority-ca-to-deploy/ta-p/3639747, if you are using an external CA server, please see :https://community.cisco.com/t5/security-documents/deploying-certificates-with-cisco-pxgrid-using-an-external/ta-p/3639677, if you are deploying pxGrid in an ISE productional environment, please see:https://community.cisco.com/t5/security-documents/how-to-configure-pxgrid-in-ise-production-environments/ta-p/3646330

 

Also ensure that you have your ISE pxGrid published nodes appear and you are in a connected state, (you will see this in the lower left hand corner.

 

If you have additional questions, please email me directly.

 

Thanks,

John

jeppich@cisco.com

View solution in original post

2 Replies 2

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎01-09-2019 01:14 PM

I have asked our sme @jeppich

0 Helpful

Go to solution
jeppich
Cisco Employee
Cisco Employee

‎01-09-2019 02:07 PM

Hi,

 

It appears that you have a certificate issue between Checkpoint & the ISE pxGrid node.

 

How do you have ISE deployed and which version are you using?  If you are just using the ISE internal CA with 2.2, please see: https://community.cisco.com/t5/security-documents/using-ise-2-2-internal-certificate-authority-ca-to-deploy/ta-p/3639747, if you are using an external CA server, please see :https://community.cisco.com/t5/security-documents/deploying-certificates-with-cisco-pxgrid-using-an-external/ta-p/3639677, if you are deploying pxGrid in an ISE productional environment, please see:https://community.cisco.com/t5/security-documents/how-to-configure-pxgrid-in-ise-production-environments/ta-p/3646330

 

Also ensure that you have your ISE pxGrid published nodes appear and you are in a connected state, (you will see this in the lower left hand corner.

 

If you have additional questions, please email me directly.

 

Thanks,

John

jeppich@cisco.com

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents