[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] RADIUS Setup
The hybrid box is checked. One thing I am noticing is that the rule allowing for RADIUS Auth is not showing as being used in the logs... Also the IAS server uses 1812 & 1813, but has 1645 & 1646 defined as secondaries. -----Original Message----- From: Mike Thomi [mailto:[email protected]] Sent: Saturday, March 17, 2001 12:37 PM To: Patrick Baird Subject: Re: [FW1] RADIUS Setup ----- Original Message ----- From: "Patrick Baird" <[email protected]> To: <[email protected]> Sent: Saturday, March 17, 2001 4:42 PM Subject: [FW1] RADIUS Setup > I get no loggin message on the RADIUS server about authentication even being > attempted, but I get the following in the firewall logs: > reject rule 0 reason Refused Topology request. Authentication scheme not > allowed for user. > > 1 Question, do I need the routing and remote access service running on the > IAS machine? No, you don't need them. But the radius attribute"service-type = "Authenticate-Only" is need for correct auth in radius (on ias2k it is already activated, but on nt4 optionpack ias it isn't) > If I switch to fw-1 password on the firewall object, my SR rules work fine. > Have you activated the "VPN & fw1 authentication for SecuRemote (Hybrid Mode) in fw object/VPN/IKE? mike ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|