RADIUS server uid is not 0 for Check Point

Vendor

Check Point

Description

When configuring access through RADIUS, it is important to set the uid granted to the user to 0 so they have root access.

Remediation Steps

Set the Super User UID to 0. In clish: "set aaa radius-servers super-user-uid 0" or via the webUI set it under User Management -> Authentication Servers.

How does this work?

indeni parses the gaia configuration database in /config/active and retreive the currently configured RADIUS super user id. It is also possible to list them using clish, but that generates a large amount of logs in /var/log/messages when done repeatedly.

Why is this important?

indeni parses the gaia configuration database in /config/active and retreive the currently configured RADIUS super user id. It is also possible to list them using clish, but that generates a large amount of logs in /var/log/messages when done repeatedly.

Without Indeni how would you find this?

An administrator could login and manually run the command.


View Source Code