NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] SecurID PASSCODE not invoked with SecuRemote.




Hey Guys,


I have an issue whereby I cannot ClientEncrypt off a Firewall using SecurID as the Authentication method.

On the Ace Server, I have defined:
(1) Firewall as a valid Client with "Secondary Node" definitions

On the Firewall, I have defined:
(1) Rule passing tcp5510 and udp5500 between Ace Server and Firewall
(2) Copied /ace/data/sdconf.rec from Ace to /var/ace on the Firewall bouncing Firewall appropriately.
(3) Set User to run with IKE and Auth Scheme of SecurID. The IKE Properties have been set to an Auth of a Password.
(4) Defined appropriate ClientEncrypt rule and Encryption Domain


I have replicated the hosts files on each of the boxes.

I can retrieve Site happily, but on launching my session to the Encrypt Domain I am not asked for a PASSCODE. It accepts the Password defined under the IKE Properties. Strange?

As a test, I attempted tcp connections on tcp 259 to the same Firewall. I get the "C'Point Client Authentication Server running on ..." and I enter a User and Passcode appropriately. However I get the error in the Client Window "unable to activate SecurID auth". In the Firewall Log Viewer I get Communication Problems.

No also that no node secret is created on the Ace Server under the Clients Window.

Thanks, Terry.

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.



================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.