[FW1] VPN & W2K (LDAP)
Hi to everybody,
A client asked me to implement a VPN using IKE (but if it is easier I
can think of using FWZ) for their remote users (probably they will use
secure remote, or secure client).
Right now they have all the authentication information for those users
on a Win2K server that has LDAP active (but I can activate other
services on it if needed).
So it would be great if I can plug the FW-1 (on Solaris with HA) and
use the user information on the LDAP server for the authentication
(without having to change more than 10k users information or
password).
Probably it can be done using Hybrid Authentication Mode, but can I
use original password stored on Win2K server, or do I need to change
them? Are they (FW-1 and Win2K) stored in the same encrypted way?
And then... Is Hybrid Mode Authentication less secure than other
authentication schemes? Where can I find details about it?
Do you see another way to take Win2K user information from the Win2K
server to do the authentication on the FW-1?
Are there people here who took user information from WinNT 4.0 or
Win2K to do the authentication on the VPN? What is your experience?
Is there good documentation on it?
Best Regards, and sorry if some questions on LDAP and Win2K are "basic",
but I don't know that protocol/products well...
MaX