| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] radius help
- To: [email protected]
- Subject: Re: [FW-1] radius help
- From: Lars Troen <[email protected]>
- Date: Fri, 7 Mar 2003 21:52:06 +0100
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcLkxryLvEa/bbpoQ2mtKuRmKJjq9QAI7s4A
- Thread-topic: [FW-1] radius help
Norman,
- Make sure you're not natting the communication between the firewall and the radius server.
- Make both the internal nic and the licensed nic a radius client.
I have setup working configs with both FP2 and FP3 to NT4 and w2k IAS.
Lars
> -----Original Message-----
> From: Norman Zhang [mailto:[email protected]]
> Sent: Friday, March 07, 2003 17:06
> To: [email protected]
> Subject: [FW-1] radius help
>
>
> Hi,
>
> I have done some further troubleshooting. I see the RAIDUS
> packets from port
> 1645 that originate from firewall to RADIUS server received
> reject. But
> behind the LAN on a different machine in the same subnet, I
> received accept.
> My firewall is set to allow outgoing traffic. Are there other
> properties
> that I need to set in NG FP3?
>
> Regards,
> Norman
>
> ----- Original Message -----
> From: "Norman Zhang" <[email protected]>
> To: <[email protected]>
> Sent: Monday, March 03, 2003 5:45 PM
> Subject: [FW-1] radius help
>
>
> Hi,
>
> I had this working in 4.1 but I can't get RADIUS to work in NG FP3. I
> installed IAS from NT 4.0 Option Pack then applied midcamp.exe and
> iassp6-x86.exe from MS.
>
> My firewall rule is
>
> localusers@LAN -->any-->any-->http-->user authentication
>
> The RADIUS clients file is setup as
>
> FWIntIP mySecret
>
> and users as
>
> DEFAULT
> Internal-Proxy-Server = "DLL C:\Program Files\IAS\authsam.dll"
> Framed-Protocol = PPP
> Framed-Routing = Send
> Service-Type = Framed
>
> Event Viewer displays the following with Event ID: 8207,
> Source: AuthSrv,
> Type: Warning, Category: Malformed Packet
>
> Unknown Client: Source = FWIntIP:2912
> Code = Access-Request
> Identifier = 64
> User-Name = InternalUser
> Password = ******
> Service-Type = Authenticate-Only
> NAS-IP-Address = FwExtIP
>
> Would someone please give some pointers here?
>
> Regards,
> Norman
>
> ---
>
> Hi,
>
> I have a RADIUS on a NT 4.0 BDC. I need to able to
> authenticate NG FP3 with
> the RADIUS, but I seem to forget what settings that I need to
> change the
> users file. I tried to follow,
>
> DEFAULT Auth-Type = System, User-Service-Type = Login-User
>
> as described in
> http://www.phoneboy.com/fom/fom.pl?_highlightWords=radius&file
=435. But
those two attributes does not seem to exist in RADIUS (I'm using the one
came with NT 4.0 Option Pack (with appropriate fixes). Does anyone remember
what I need to change in the configuration file to get this working?
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
