[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] user auth & https
1. Insure the following line exists in $FWDIR/conf/fwauthd.conf:
443 in.ahttpd wait 0
If it's not there or it's commented out, add/uncomment it and bounce
FireWall-1.
2. Modify the pre-defined service https. Change the protocol type from
"None" to "URI."
You may now use HTTPS for authentication or content security as appropriate
provided the client is configured to use the firewall as a proxy for HTTPS
requests.
cheers
Graeme
Vitaly Osipov wrote:
Hi all,
I have a very stupid question probably, but I am stuck... Can I perform
some
kind of user auth on Checkpoint for HTTPS service? or is it possible
to
combine user auth and transparent client auth to, for example, have
a client
to connect to http://www.blahblah.com,
asked for password by a FW-1, happily
authenticated and then somehow got access not only to port 80, but
to port
443 also? additionla "client auth" rule with http and https together
and
transparent sign-on? or any other way to get an HTTPS server protected
by
FW-1 password without putting agents on client machines? FW-1 as an
HTTPS
proxy? Checkpoint says "User auth is not available for https _yet_"
:(
regards,
W.
================================================================================
To unsubscribe from this mailing list, please
see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
--
Never underestimate the power of stupid people
in large groups.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature