Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] user auth & https

To: "Graeme" <[email protected]>, "Vitaly Osipov" <[email protected]>
Subject: Re: [FW1] user auth & https
From: "Vitaly Osipov" <[email protected]>
Date: Wed, 21 Mar 2001 11:42:26 -0000
Cc: <[email protected]>
References: <A5BFA8FBBBA6D411B19100508BE360385AAECB@BLSMSGPRV08> <012001c0b1f2$eca59350$1102a8c0@witt> <[email protected]>
Sender: [email protected]

forgot to add - it is not a situation when clients are behind a FW-1, but my
HTTPS _server_ is behind FW-1 and clients are everywhere on the Internet - I
want them to authenticate on that firewall before getting access to the
server.

regards,
W.


----- Original Message -----
From: "Graeme" <[email protected]>
To: "Vitaly Osipov" <[email protected]>
Cc: <[email protected]>
Sent: Wednesday, March 21, 2001 11:20 AM
Subject: Re: [FW1] user auth & https


> 1. Insure the following line exists in $FWDIR/conf/fwauthd.conf:
>
> 443 in.ahttpd wait 0
>
> If it's not there or it's commented out, add/uncomment it and bounce
FireWall-1.
>
> 2. Modify the pre-defined service https. Change the protocol type from
"None" to
> "URI."
>
> You may now use HTTPS for authentication or content security as
appropriate
> provided the client is configured to use the firewall as a proxy for HTTPS
> requests.
>
>
> cheers
>
>
> Graeme
>
> Vitaly Osipov wrote:
>
> > Hi all,
> >
> > I have a very stupid question probably, but I am stuck... Can I perform
some
> > kind of user auth on Checkpoint for HTTPS service? or is it possible to
> > combine user auth and transparent client auth to, for example, have a
client
> > to connect to http://www.blahblah.com, asked for password by a FW-1,
happily
> > authenticated and then somehow got access not only to port 80, but to
port
> > 443 also? additionla "client auth" rule with http and https together and
> > transparent sign-on? or any other way to get an HTTPS server protected
by
> > FW-1 password without putting agents on client machines? FW-1 as an
HTTPS
> > proxy? Checkpoint says "User auth is not available for https _yet_" :(
> >
> > regards,
> > W.
> >
> >
============================================================================
====
> >      To unsubscribe from this mailing list, please see the instructions
at
> >               http://www.checkpoint.com/services/mailing.html
> >
============================================================================
====
>
> --
> Never underestimate the power of stupid people
> in large groups.
>
>
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- RE: [FW1] CCSA
  - From: "Abraham, Elliot" <[email protected]>
- [FW1] user auth & https
  - From: "Vitaly Osipov" <[email protected]>
- Re: [FW1] user auth & https
  - From: Graeme <[email protected]>

Prev by Date: [FW1] Two net via one FW and two routers
Next by Date: [FW1] message from FW-1 ?
Previous by thread: Re: [FW1] user auth & https
Next by thread: Re: [FW1] CCSA
Index(es):
- Date
- Thread