Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Authentication for browsing the web

To: Steve Crumley <[email protected]>
Subject: Re: [FW1] Authentication for browsing the web
From: CryptoTech <[email protected]>
Date: Fri, 15 Dec 2000 11:17:31 -0500
Cc: [email protected]
References: <[email protected]> <[email protected]> <[email protected]>
Reply-to: [email protected]
Sender: [email protected]

Unfortunately, yes.  You must have the Account management piece to run ldap services.

CT

Steve Crumley wrote:

> I've been thinking of going the LDAP route too.  If I have an existing
> OpenLDAP server in-house, do I need to add any license to my FW-1 in
> order to auth users with their LDAP password?
> Thanks,
> -Steve
>
> CryptoTech wrote:
> >
> > Michael,
> > Yes and no.  If all you want is a basic 'who is this user', then you can define a
> > radius server in the firewall and create a user generic* and use that user (actually
> > a group containing that user, like the default 'all groups') in your auth rule.
> >
> > Otherwise, you can get a license for account management and create 'shadow groups',
> > or mappings between firewall groups and ldap groups or containers and use those in
> > your rulebase.
> >
> > CT
> >
> > [email protected] wrote:
> >
> > > Can Checkpoint use an outside authentication method to authenticate users?
> > >
> > > I'm looking to force authentication for internal people browsing the web
> > > but don't want to put every user in Checkpoint's user list.
> > >
> > > I have an LDAP server I can authenticate to, or I could set up a radius
> > > server as a gateway.
> > >
> > > Michael Breton
> > > Geiger
> > >> > >
> > > ================================================================================
> > >      To unsubscribe from this mailing list, please see the instructions at
> > >               http://www.checkpoint.com/services/mailing.html
> > > ================================================================================
> >
> > ================================================================================
> >      To unsubscribe from this mailing list, please see the instructions at
> >               http://www.checkpoint.com/services/mailing.html
> > ================================================================================
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>               http://www.checkpoint.com/services/mailing.html
> ================================================================================




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Authentication for browsing the web
  - From: [email protected]
- Re: [FW1] Authentication for browsing the web
  - From: CryptoTech <[email protected]>
- Re: [FW1] Authentication for browsing the web
  - From: Steve Crumley <[email protected]>

Prev by Date: [FW1] High Availability module
Next by Date: RE: [FW1] VPN setup questions
Previous by thread: Re: [FW1] Authentication for browsing the web
Next by thread: AW: [FW1] Integrating Firewall 1 with LDAP Server
Index(es):
- Date
- Thread