[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] External users authentication
Hi all, I'm interested in allowing authenticated access to internal web server to external users. I have FW-1 4.1 with only 2 NICs (no DMZ). What's the best way between: 1) Static NAT for every internal web server 2) Security Server? I think HTTP Security Server is better but can I use it with unofficial internal networks? Until now, I wasn't able to create an HTTP Security Server. Is the following step-by-step procedure right? I defined a Security Server in Properties: Logical name: freedom Host: <internal IP address> Port: 80 Reauthentication: none Server for Null Request: checked and I inserted two rules: 1) Any - FW - Not http - Drop - Long 2) All_Users@Any - Any - http - User Auth - Long Group All_Users contains user x (authenticated by FW-1). I'm able to successfully login to URL: http://firewall/freedom/ (where 'firewall' is the external interface of the firewall) but I get the following: Error FW-1 at fw: Failed to connect to the WWW server. Access to host 'freedom:80' from firewall console is working. Direct/inverse DNS resolution for hostname 'freedom' is working too. Thank you for your support and suggestions Domenico Viggiani _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|