CHKP053 - Identity Awareness Blade Not Enabled
Agent error code #CHKP053 indicates that the Check Point gateway's response showed the Identity Awareness blade is not active. Without that blade the Identity Web API is not served, so Knocknoc cannot register identities.
A bare 404 or 403 without a clear "identity awareness not enabled" signal in the body is reported as #CHKP005 instead, because it cannot be distinguished from an authentication or source-IP problem. #CHKP053 is raised only when the gateway response explicitly indicates the blade is off.
Common causes include:
- The Identity Awareness blade was never enabled on the gateway object
- The blade was enabled in the management database but policy has not been installed, so the gateway is not yet serving the Web API
- The Gateway Hostname points at a gateway that does not run Identity Awareness
Steps to Resolve
Enable the Identity Awareness Blade
- In SmartConsole, open the gateway object
- On General Properties, under Network Security blades, tick Identity Awareness
- Complete the Identity Awareness Configuration Wizard. You must enable at least one Method For Acquiring Identity to finish; Knocknoc does not use it, so choose the lowest-configuration option
- Install Policy so the gateway starts serving the Web API
Confirm the Hostname
- Confirm the Gateway Hostname on the Knoc points at the gateway that runs Identity Awareness, not a management server or a different gateway
For the full setup, see the Check Point setup guide.