• State Verified Answer
  • Replies 1 reply
  • Subscribers 28 subscribers
  • Views 726 views
  • Users 0 members are here
Options
Related

Telnet session connection initiated by SPP

Mahmoud Emad
10 months ago

Hello,

When i tried to create new access policy with type: session - telnet.

i found that no (safeguard_default) telnet session connection exists.

So, i tried to create one initiated by SPP, but got invalid configuration error: You must set the following configuration; in AA plugin set SGAATelnet.

i downloaded it from github: https://github.com/OneIdentity/SafeguardAutomation/blob/3540fa2528d8801289cc3ff026a2af17a1ff9a42/Terminal%20Pattern%20Files/AAPlugin/SGAATelnet/MANIFEST#L3

but after uploading, firmware corrupted.

please if anyone tried to create SPP telnet connection, please share with me the correct steps.

Parents
  • +1 10 months ago

    Hi Mahmoud, 

    What version of SPS are you running?

    Where did you upload the SGAATelnet.zip file? Should be in Basic Settings > Plugins > Upload a plugin and leave it as a .zip file without extraction.

    - you can go to Policies > AA Plugin Configuration > create a new configuration for the new plugin and append the SPP IP address as required.

    - Then under Telnet Control > Pattern Sets > Add the pattern set that you need for your target asset type. there are a few default pattern sets and a couple in Github here

    - you can add the pattern set to the Authentication Policy by enabling the Extract username from the traffic and select the Pattern set for your target device.

    - Now you should be able to create a new Telnet connection policy and associate the Authentication policy with the selected pattern set created in the step earlier and select the SGAATelnet AA plugin and other SPP related policies such as the Usermapping (Safeguard_default) and Credential Store (Safeguard_default) and enable the box "Share connection policy with SPP" then commit.

    If you need further assistance with this configuration, we recommend consulting with One Identity Professional Services team 

    Thanks!

Reply
  • +1 10 months ago

    Hi Mahmoud, 

    What version of SPS are you running?

    Where did you upload the SGAATelnet.zip file? Should be in Basic Settings > Plugins > Upload a plugin and leave it as a .zip file without extraction.

    - you can go to Policies > AA Plugin Configuration > create a new configuration for the new plugin and append the SPP IP address as required.

    - Then under Telnet Control > Pattern Sets > Add the pattern set that you need for your target asset type. there are a few default pattern sets and a couple in Github here

    - you can add the pattern set to the Authentication Policy by enabling the Extract username from the traffic and select the Pattern set for your target device.

    - Now you should be able to create a new Telnet connection policy and associate the Authentication policy with the selected pattern set created in the step earlier and select the SGAATelnet AA plugin and other SPP related policies such as the Usermapping (Safeguard_default) and Credential Store (Safeguard_default) and enable the box "Share connection policy with SPP" then commit.

    If you need further assistance with this configuration, we recommend consulting with One Identity Professional Services team 

    Thanks!

Children
No Data