[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Authentication of Web Sessions
Hi and sorry for being a bit late with this reply. Actually it is possible to use FW-1 ONLY to have every internal user accessing the Internet authenticated by username/password popup. I successfully did that with a Nokia 440 and hundreds of users. Only provision is using the http Security Server and the readiness to hack in every user manually <g> I posted the complete solution on this list it must be in the archives of last year somewhere, just look for my old address [email protected] as the sender and you will find it. Also a similar explanation is at www.phoneboy.com/fw1 under "Implicit Client Authentication" I believe... Cheers Ralf G. -----Ursprüngliche Nachricht----- Von: <[email protected]> An: "'Blomfield, Adam'" <[email protected]>; "'Checkpoint Firewall-1 List'" <[email protected]> Gesendet: Mittwoch, 3. Januar 2001 16:06 Betreff: RE: [FW1] Authentication of Web Sessions > > FW1 supports radius (amongst others) as a means of authentication see > http://www.phoneboy.com/fw1/faq/0282.html > > Another option is a copy of ms proxy server or csm proxy server. These > provide transparent authentiation (no need for username or password) against > a nt system. The difference is you point the browser to the proxy rather > than the firewall , allow the proxy access out via 80 and 443 > NOTE: ms proxy only supports IE not any other browser using this option. > Anothe option of transparent auth is meta-ip (from checkpoint) but expensive > > -----Original Message----- > From: Blomfield, Adam [mailto:[email protected]] > Sent: Wednesday, 3 January 2001 10:02 AM > To: 'Checkpoint Firewall-1 List' > Subject: [FW1] Authentication of Web Sessions > > > > I have used proxy servers before that popped up a username and password box > any time I tried to access an web site. Is it possible to get Firewall-1 to > do this? Can it validate usernames and passwords against an NT userlist? If > so, is there a document out there that details how to do this? > > Thanks, > Adam Blomfield - WAN Administrator > Sulzer Chemtech USA >> [email protected] > > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > *************************************************** > This e-mail is not an official statement of the > Waikato Regional Council unless otherwise stated. > Visit our website http://www.ew.govt.nz > *************************************************** > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|