[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] user auth & https
forgot to add - it is not a situation when clients are behind a FW-1, but my HTTPS _server_ is behind FW-1 and clients are everywhere on the Internet - I want them to authenticate on that firewall before getting access to the server. regards, W. ----- Original Message ----- From: "Graeme" <[email protected]> To: "Vitaly Osipov" <[email protected]> Cc: <[email protected]> Sent: Wednesday, March 21, 2001 11:20 AM Subject: Re: [FW1] user auth & https > 1. Insure the following line exists in $FWDIR/conf/fwauthd.conf: > > 443 in.ahttpd wait 0 > > If it's not there or it's commented out, add/uncomment it and bounce FireWall-1. > > 2. Modify the pre-defined service https. Change the protocol type from "None" to > "URI." > > You may now use HTTPS for authentication or content security as appropriate > provided the client is configured to use the firewall as a proxy for HTTPS > requests. > > > cheers > > > Graeme > > Vitaly Osipov wrote: > > > Hi all, > > > > I have a very stupid question probably, but I am stuck... Can I perform some > > kind of user auth on Checkpoint for HTTPS service? or is it possible to > > combine user auth and transparent client auth to, for example, have a client > > to connect to http://www.blahblah.com, asked for password by a FW-1, happily > > authenticated and then somehow got access not only to port 80, but to port > > 443 also? additionla "client auth" rule with http and https together and > > transparent sign-on? or any other way to get an HTTPS server protected by > > FW-1 password without putting agents on client machines? FW-1 as an HTTPS > > proxy? Checkpoint says "User auth is not available for https _yet_" :( > > > > regards, > > W. > > > > ============================================================================ ==== > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ============================================================================ ==== > > -- > Never underestimate the power of stupid people > in large groups. > > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|