[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Authentication for browsing the web
Unfortunately, yes. You must have the Account management piece to run ldap services. CT Steve Crumley wrote: > I've been thinking of going the LDAP route too. If I have an existing > OpenLDAP server in-house, do I need to add any license to my FW-1 in > order to auth users with their LDAP password? > Thanks, > -Steve > > CryptoTech wrote: > > > > Michael, > > Yes and no. If all you want is a basic 'who is this user', then you can define a > > radius server in the firewall and create a user generic* and use that user (actually > > a group containing that user, like the default 'all groups') in your auth rule. > > > > Otherwise, you can get a license for account management and create 'shadow groups', > > or mappings between firewall groups and ldap groups or containers and use those in > > your rulebase. > > > > CT > > > > [email protected] wrote: > > > > > Can Checkpoint use an outside authentication method to authenticate users? > > > > > > I'm looking to force authentication for internal people browsing the web > > > but don't want to put every user in Checkpoint's user list. > > > > > > I have an LDAP server I can authenticate to, or I could set up a radius > > > server as a gateway. > > > > > > Michael Breton > > > Geiger > > >> > > > > > ================================================================================ > > > To unsubscribe from this mailing list, please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > ================================================================================ > > > > ================================================================================ > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================================================ > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|