Configuring per user IP assignment using ipassignment.conf in Check Point for remote access users
In order to assign individual IPs and ranges to certains remote access users, Check Point provides a configuration file allowing you to configure your gateway as required. This configuration file is :
This article we will outline some of the possible gotcha`s and also run through the required steps.
Within this example we will provide a single user (certificate based) with a specific IP address and allow the rest of the subnet to be assigned to the rest of the users within this group.
- Edit the file $FWDIR/conf/ipassignment.conf with the required changes. Please click here to view the configuration file with the required changes for this example.
- Ensure you have selected the required option within the Check Point Object telling it to use the ipassignment.conf file.
- Check the file using the command vpn ipafile_check ipassignment.conf detail
- Push the Policy to the Gateway and test that your changes have been successful.